Package Metadata

Author: Radek Maciaszek
Email: —
PyPI: agent-vault-proxy
Python: >=3.12
Versions: 4 releases
First release: 29 May 2026, 23:42 UTC
Analysed: 06 Jun 2026, 07:47 UTC
Source files: 29 .py files scanned

Project Links

Changelog Documentation Homepage Issues Repository

Classifiers

Development Status :: 4 - BetaIntended Audience :: DevelopersIntended Audience :: System AdministratorsLicense :: OSI Approved :: MIT LicenseOperating System :: POSIX :: LinuxProgramming Language :: Python :: 3Programming Language :: Python :: 3.12Programming Language :: Python :: 3.13Topic :: Internet :: Proxy ServersTopic :: Security

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits high network and shell execution risks, suggesting potential malicious intent despite no clear evidence of credential harvesting. The combination of these signals raises concerns about a possible supply-chain attack.

High network risk due to calls to suspicious domains
Elevated shell risk from executing commands

Per-check LLM notes

Network: The network calls to external domains, especially 'evil.example.com', suggest potential malicious activity.
Shell: Executing shell commands like 'docker info' and running scripts can be legitimate but pose risks if not properly controlled, indicating possible unauthorized access or behavior.
Obfuscation: The use of base64 encoding with validation suggests an attempt to decode strings safely, which is not inherently malicious but could be used for obfuscation.
Credentials: No clear patterns indicating credential harvesting have been detected.
Metadata: Suspicious non-HTTPS link and single package from author suggest potential risk, but not conclusive evidence of malice.

🔬 Heuristic Checks

⚠ Outbound Network Calls score 3.0

Found 2 network call pattern(s)

) try: response = httpx.get( "https://evil.example.com/", header
try: response = httpx.post( "https://api.anthropic.com/v1/messages",

⚠ Code Obfuscation score 6.0

Found 3 obfuscation pattern(s)

alue) try: return base64.b64decode(v.encode("ascii"), validate=True).decode("utf-8") except
binascii.Error / ValueError — base64.b64decode(validate=True) # surfaces malformed input as eit
rror_caught() -> None: """base64.b64decode(validate=True) can raise ValueError (not binascii.Error)

⚠ Shell / Subprocess Execution score 6.0

Found 3 shell execution pattern(s)

audit_path. result = subprocess.run( # noqa: S603 [lsattr_path, "-d", str(path)],
harness") daemon_check = subprocess.run( ["docker", "info"], capture_output=True,
00]}" ) result = subprocess.run( ["bash", str(E2E_DIR / "run.sh")], cwd=str(

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

No author email provided

⚠ Suspicious Page Links score 2.0

Found 1 suspicious link(s) on the package page

Non-HTTPS external link: http://127.0.0.1:14322

✓ Git Repository History

Repository inflightsec/agent-vault-proxy appears legitimate

⚠ Maintainer History score 2.0

1 maintainer concern(s) found

Author "Radek Maciaszek" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agent-vault-proxy

Create a secure, efficient mini-application using Python and the 'agent-vault-proxy' package that automates the process of fetching and injecting API credentials into HTTP requests without exposing sensitive information in memory. Your application will act as a proxy server that listens for incoming requests, retrieves the necessary API keys from Bitwarden Secrets Manager, and then forwards the request with the appropriate headers. This ensures that your application does not have direct access to the actual API keys, enhancing security.

Step-by-Step Instructions:
1. Set up a basic Flask or FastAPI web server to handle incoming HTTP requests.
2. Integrate the 'agent-vault-proxy' package to manage the retrieval of API credentials from Bitwarden Secrets Manager.
3. Implement logic within your application to identify which API keys are required for each request based on URL patterns or other criteria.
4. Use the 'agent-vault-proxy' to dynamically fetch these API keys just before making the request.
5. Inject the retrieved credentials into the outgoing HTTP request headers.
6. Forward the request to the intended destination and return the response back to the client.
7. Ensure proper error handling and logging mechanisms are in place to monitor the proxy's operations and any potential issues.

Suggested Features:
- Support for multiple API key types and their respective services.
- Customizable configuration files to define different scenarios or environments.
- Logging of all actions performed by the proxy, including failed attempts.
- Rate limiting or request throttling capabilities to prevent abuse.
- Basic authentication or token-based access control for managing who can send requests through the proxy.

How 'agent-vault-proxy' is Utilized:
- 'agent-vault-proxy' acts as the intermediary between your application and Bitwarden Secrets Manager, securely fetching API keys on demand.
- It ensures that sensitive data such as API keys are never stored in plaintext within your application's code or configuration files.
- By leveraging 'agent-vault-proxy', you can maintain a clean separation between your application logic and the management of sensitive credentials.