agentarmor-core

v0.7.0 suspicious
8.0
High Risk

Comprehensive security framework for agentic AI applications — 8-layer defense-in-depth.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows significant signs of potential malicious activity, especially concerning credential risk and obfuscation. While some risks may be justified for functionality, the overall pattern is alarming.

  • High credential risk due to access attempts to critical system files
  • Significant obfuscation techniques observed

Per-check LLM notes
  • Network: The network calls could be legitimate if the package is designed to communicate with external services or APIs.
  • Shell: The shell execution might indicate that the package performs system-specific tasks, but it's risky and could potentially execute arbitrary commands.
  • Obfuscation: The presence of patterns related to bypassing comments and executing commands suggests potential obfuscation or evasion techniques.
  • Credentials: Access attempts to critical system files like /etc/shadow and /etc/passwd indicate a high risk of credential harvesting or unauthorized access.

🔬 Heuristic Checks

Outbound Network Calls score 4.5

Found 3 network call pattern(s)

  • with ( socket.create_connection((hostname, port), timeout=timeout) as sock,
  • : resp = httpx.get(f"{base}{endpoint}", timeout=timeout) i
  • try: resp = httpx.get(url, timeout=timeout, follow_redirects=True)

Code Obfuscation score 8.0

Found 4 obfuscation pattern(s)

  • ): pipe.model.eval() _d3_state["pipeline"] = pipe _d3_s
  • ned("gpt2") model.eval() _d4_state["model"] = model _d4_sta
  • Li_comment_bypass"), (re.compile(r"'\s*;\s*exec\b|\bxp_cmdshell\b|\bsp_executesql\b", re.I), 1.0, "SQLi_exec"), (re.compile(r"\bwa
  • "CmdInj_python_os"), (re.compile(r"exec\s*\(|eval\s*\(|compile\s*\(", re.I), 0.85, "CmdInj_eval"),

Shell / Subprocess Execution score 2.0

Found 1 shell execution pattern(s)

  • process result = subprocess.run( ["ioreg", "-rd1", "-c", "IOPlatformExpertD

Credential Harvesting score 10.0

Found 4 credential access pattern(s)

  • e", params={"path": "/etc/passwd"}, agent_id="my-agent", input_data="Ignor
  • "{'path': '/etc/passwd'} or {'query': 'SELECT *'}" ),
  • Critical system config ("/etc/shadow", 4.0), ("/etc/passwd", 4.0), ("/etc/*", 4.0),
  • ("/etc/shadow", 4.0), ("/etc/passwd", 4.0), ("/etc/*", 4.0), # User secret material

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Agastya Todi" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentarmor-core

Develop a secure chatbot application using the 'agentarmor-core' package. This application will serve as a personal assistant, capable of performing tasks such as scheduling appointments, setting reminders, and providing weather updates. It will also include a feature where users can ask for news updates on specific topics.

The application should adhere to strict security protocols, utilizing all eight layers of defense provided by 'agentarmor-core'. These layers include physical security, network security, host security, application security, data security, identity management, operational security, and compliance.

Here are the steps to develop the application:
1. Set up a virtual environment and install necessary packages including 'agentarmor-core'.
2. Design the application architecture, ensuring it integrates seamlessly with 'agentarmor-core'.
3. Implement user authentication and authorization mechanisms leveraging 'agentarmor-core's identity management layer.
4. Develop functionalities for scheduling, reminders, and weather updates, ensuring these features are protected under 'agentarmor-core's application security layer.
5. Integrate a news API to fetch and provide news updates based on user preferences, with data secured according to 'agentarmor-core's data security guidelines.
6. Test the application thoroughly to ensure all features work as expected while adhering to the security standards set by 'agentarmor-core'.
7. Deploy the application, maintaining compliance with regulations through 'agentarmor-core's compliance layer.
8. Monitor the application's performance and security status continuously, using 'agentarmor-core's operational security tools.

Throughout development, utilize 'agentarmor-core' to implement comprehensive security measures at every stage, from initial setup to deployment and ongoing maintenance.