Package Metadata

Author: —
Email: Microsoft Corporation <[email protected]>
PyPI: agent_hypervisor
Python: >=3.11
Versions: 17 releases
First release: 21 Feb 2026, 18:18 UTC
Analysed: 06 Jun 2026, 07:54 UTC
Source files: 61 .py files scanned

Project Links

Agent Mesh Agent OS Agent SRE Bug Tracker Documentation Homepage Repository

Classifiers

Development Status :: 4 - BetaIntended Audience :: DevelopersIntended Audience :: Science/ResearchLicense :: OSI Approved :: MIT LicenseProgramming Language :: Python :: 3Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.13Topic :: Scientific/Engineering :: Artificial IntelligenceTopic :: Software Development :: Libraries :: Python Modules

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits signs of potential obfuscation and has incomplete metadata, raising concerns about its origin and intent. While it does not clearly indicate malicious behavior, these factors combined with network communication that requires further clarification warrant a cautious approach.

obfuscation risk
incomplete author metadata

Per-check LLM notes

Network: The package makes network calls to an API endpoint which could be used for legitimate purposes like health checks or reporting status, but further investigation is needed to confirm the API's purpose and the legitimacy of the communications.
Shell: No shell execution patterns were detected in the provided code snippet.
Obfuscation: The code pattern suggests an attempt to hide the import path, which could indicate obfuscation for evading detection.
Credentials: No clear evidence of credential harvesting is present.
Metadata: The author's information is incomplete and the account seems new or inactive, raising some suspicion but not definitive evidence of malice.

🔬 Heuristic Checks

⚠ Outbound Network Calls score 9.0

Found 6 network call pattern(s)

dict: try: req = urllib.request.Request(f"{API}{path}") with urllib.request.urlopen(
(f"{API}{path}") with urllib.request.urlopen(req, timeout=3) as resp: return json.loa
try: r = httpx.get(f"{API}/health", timeout=3) if r.status_code ==
agent in AGENTS: r = httpx.post(f"{API}/agents", json=agent, timeout=10) data = r.js
───────────────────") r = httpx.get(f"{API}/agents", timeout=10) for a in r.json():
3 ─────────────────") r = httpx.post( f"{API}/kill", json={"agent_did": "did:mesh

⚠ Code Obfuscation score 2.0

Found 1 obfuscation pattern(s)

r demo sys.path.insert(0, str(__import__("pathlib").Path(__file__).resolve().parent.parent / "src")) from hype

✓ Shell / Subprocess Execution

No shell execution patterns detected

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: microsoft.com>

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository microsoft/agent-governance-toolkit appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agent_hypervisor

Develop a mini-application called 'SecureMultiAgentWorkshop' that leverages the 'agent_hypervisor' Python package to manage secure, collaborative coding sessions among multiple agents (developers). This application should allow developers to work on a shared codebase in real-time while ensuring security, accountability, and traceability of actions performed during the session. Here’s a detailed breakdown of the requirements:

1. **Setup**: Begin by installing the 'agent_hypervisor' package. Ensure your development environment supports Python 3.8 or higher.

2. **Session Management**: Implement a feature where each developer logs into the system using their unique credentials. The system should then create a secure, isolated session for each user, leveraging the 'agent_hypervisor' package's execution rings to prevent any accidental or malicious interference between users' environments.

3. **Shared Workspace**: Developers should be able to open a shared workspace where they can view and edit a common codebase. Use 'agent_hypervisor' to ensure that all changes made to the codebase are recorded and can be reverted if necessary.

4. **Saga Orchestration**: Integrate 'agent_hypervisor's saga orchestration feature to handle complex workflows involving multiple agents. For instance, if one agent makes a change, the system should automatically notify other agents about the change and request their approval before committing the change to the main branch.

5. **Audit Trails**: Utilize the hash-chained audit trail feature provided by 'agent_hypervisor' to maintain a tamper-proof log of all actions performed within the session. This includes file edits, comments, approvals, and rejections.

6. **Security Measures**: Ensure that all communications within the workshop are encrypted and that the 'agent_hypervisor' package's joint liability feature is used to distribute responsibility for maintaining the integrity of the shared workspace among all participants.

7. **User Interface**: Design a simple, intuitive user interface that allows developers to easily navigate through the shared workspace, view changes, and interact with the system's features.

Your task is to write the complete code for this mini-application, including setup instructions, sample usage scenarios, and documentation. Additionally, provide a brief explanation of how each feature of the 'agent_hypervisor' package is utilized within your application.