AI Analysis
Final verdict: SUSPICIOUS
The package shows moderate risk due to potential obfuscation and execution of shell commands, though it does not perform any network calls or exhibit significant credential handling issues.
- High obfuscation risk
- Shell command execution
Per-check LLM notes
- Network: No network calls detected, which is normal if the package does not require internet access.
- Shell: Execution of shell commands may indicate potential risk depending on the command's nature and context; further investigation into the legitimacy and necessity of these commands is required.
- Obfuscation: Base64 decoding with validation suggests potential obfuscation or data hiding practices which may not be standard for most applications.
- Credentials: The mention of rejecting certain URI types implies some form of input validation, but lacks clear context on handling credentials, indicating low risk.
- Metadata: The maintainer has only one package, which may indicate a new or less active account, but there are no other red flags.
Heuristic Checks
Outbound Network Calls
No suspicious network call patterns found
Code Obfuscation
score 2.0
Found 1 obfuscation pattern(s)
ry: decoded = base64.b64decode(data, validate=True) except (binascii.Error, Val
Shell / Subprocess Execution
score 2.0
Found 1 shell execution pattern(s)
self._proc = subprocess.Popen( [self.config.command, *self.config.args
Credential Harvesting
score 2.5
Found 1 credential access pattern(s)
es ``uri`` (e.g. ``file:///etc/passwd``) is rejected outright, so the handler can never be co
Typosquatting
No typosquatting candidates detected
Registered Email Domain
No author email provided
Suspicious Page Links
All external links appear legitimate
Git Repository History
Repository jin-bo/agentao appears legitimate
Maintainer History
score 2.0
1 maintainer concern(s) found
Author "Bo Jin" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with agentao
Create a personal task management assistant using the 'agentao' package. This mini-app will allow users to manage their daily tasks locally, ensuring privacy and seamless integration into their existing workflows. The application should include the following features:
1. Task Creation: Users should be able to create new tasks with descriptions, due dates, and priority levels.
2. Task Management: Allow users to view, update, delete, and mark tasks as completed.
3. Notifications: Implement a local notification system that alerts users about upcoming tasks based on their due dates.
4. Search Functionality: Provide a search feature that allows users to find tasks based on keywords, tags, or dates.
5. Integration: The app should be able to integrate with other local applications or services, such as calendar apps, through APIs or file systems.
6. Privacy Focus: Emphasize the importance of data privacy by storing all user data locally and not transmitting any information over the internet.
7. User Interface: Develop a simple, intuitive command-line interface (CLI) or a basic graphical user interface (GUI) using a library like Tkinter.
Utilize the 'agentao' package to govern the behavior of your AI assistant, making it capable of understanding natural language commands for task creation and management. Additionally, explore how 'agentao' can facilitate the embedding of your AI assistant within the user's local environment, ensuring it operates efficiently without relying on external cloud services. Your goal is to demonstrate how 'agentao' can be used to create a functional, efficient, and privacy-focused AI assistant.