agentclaw-ai

v1.1.5 suspicious
6.0
Medium Risk

AgentClaw turns one-sentence ideas into reusable Claw capabilities with declarative workflows, computer/browser/code/file control, MCP, Skills, memory, knowledge bases, tracing, scheduling, and API/MCP publishing.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows a moderate risk due to high obfuscation practices, despite showing low risks in other areas such as network calls and shell executions.

  • High obfuscation risk due to use of eval and obfuscated function names
  • Single-package maintainer may indicate new or less active developer
Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package requires internet access to function.
  • Shell: No shell execution patterns detected, indicating no immediate signs of executing system commands.
  • Obfuscation: The use of eval and obfuscated function names suggests potential for code injection or execution of arbitrary code.
  • Credentials: No clear patterns indicative of credential harvesting were found.
  • Metadata: The maintainer has only one package, suggesting a new or less active account which could be risky.

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation score 10.0

Found 6 obfuscation pattern(s)

  • "pow": pow} result = eval(expression, allowed) return f"Result: {result}"
  • "timestamp": __import__("datetime").datetime.now().isoformat(), "detail": f"工作流
  • "timestamp": __import__("datetime").datetime.now().isoformat(), "detail": "工作流执
  • ed", "timestamp": __import__("datetime").datetime.now().isoformat(), "detail": "执行被取消(客户
  • or", "timestamp": __import__("datetime").datetime.now().isoformat(), "detail": f"执行失败: {
  • g\ndata: {json.dumps({'time': __import__('time').time()})}\n\n" except asyncio.
Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository Negai-ai/AgentClaw appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "AgentClaw Team" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentclaw-ai 
Create a personal task management assistant using the 'agentclaw-ai' package. This assistant will help users manage their daily tasks by providing a robust framework for task creation, tracking, and completion. The application should integrate the following features:

1. **Task Creation**: Users should be able to input new tasks through natural language processing. The assistant will parse the task details and store them in a structured format.
2. **Task Scheduling**: Tasks should be scheduled based on user preferences or automatically according to their urgency and importance. Users should also be able to set reminders for upcoming tasks.
3. **Task Completion Tracking**: Track the progress of each task, allowing users to mark tasks as started, in progress, or completed.
4. **Knowledge Base Integration**: Integrate a knowledge base where users can store relevant information related to their tasks, such as notes, links, or documents.
5. **Memory and Tracing**: Maintain a history of all actions taken regarding tasks, including when tasks were added, modified, or completed. This will help in reviewing past activities.
6. **API/MCP Publishing**: Allow third-party applications to interact with the task management system via APIs or MCPs, enabling seamless integration with other tools or services.
7. **Customizable Workflows**: Enable users to define custom workflows for different types of tasks, such as recurring tasks or project-based tasks.
8. **Browser/Code/File Control**: Use 'agentclaw-ai' to automate interactions with web browsers, code editors, and file systems to facilitate task execution.

Utilize 'agentclaw-ai' to handle the underlying complexity of these features, leveraging its capabilities for declarative workflows, computer/browser/code/file control, memory management, and API/MCP publishing. The goal is to create a highly personalized and efficient task management tool that enhances productivity.