Package Metadata

Author: —
Email: Mohamed Waseem <[email protected]>
PyPI: agentdiscover
Python: >=3.10
Versions: 9 releases
First release: 29 May 2026, 06:08 UTC
Analysed: 06 Jun 2026, 08:35 UTC
Source files: 61 .py files scanned

Project Links

Changelog Documentation Homepage Issues Repository

Classifiers

Development Status :: 5 - Production/StableIntended Audience :: DevelopersIntended Audience :: Information TechnologyIntended Audience :: System AdministratorsLicense :: OSI Approved :: MIT LicenseOperating System :: OS IndependentProgramming Language :: Python :: 3Programming Language :: Python :: 3.10Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits a moderate level of risk due to its execution of external commands and potential for accessing sensitive AWS credentials, despite no clear evidence of malicious intent.

Executing external commands increases shell risk
Potential retrieval of AWS credentials

Per-check LLM notes

Network: The network calls seem to be making HTTP requests to external services which could be legitimate, but without context on the purpose, there's some risk of unintended data transfer.
Shell: Executing external commands like 'osqueryi', 'git', and 'npm' from within a package can indicate potential for unintended behavior or even malicious activities, especially if not clearly documented.
Obfuscation: No signs of obfuscation detected.
Credentials: The code appears to be attempting to retrieve AWS region settings from environment variables which could indicate an attempt to access sensitive information.

🔬 Heuristic Checks

⚠ Outbound Network Calls score 9.0

Found 6 network call pattern(s)

t_token req = urllib.request.Request( f"{wawsdb_url.rstrip('/')}/scan
) with urllib.request.urlopen(req, timeout=5) as resp: data =
(prompt: str): async with httpx.AsyncClient() as client: response = await client.post(
----- try: resp = httpx.get(_BEDROCK_RANGES_URL, timeout=3.0) resp.raise_for_sta
_token try: with httpx.Client(timeout=30.0, verify=certifi.where()) as client: # type: ig
[tuple] = set() with httpx.Client(verify=True) as client: token = self._get_access

✓ Code Obfuscation

No obfuscation patterns detected

⚠ Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

is installed try: subprocess.run( ["osqueryi", "--version"], capture_
t, str]: try: r = subprocess.run( ["git", *args], capture_output=True
""" try: result = subprocess.run( ["npm", "config", "get", "prefix"],
"json"] result = subprocess.run(cmd, capture_output=True, text=True, timeout=60)
esolve() try: r = subprocess.run( ["git", "remote", "get-url", "origin"],
repo.""" try: r = subprocess.run( ["git", "-C", str(scan_root), "remote", "get-ur

⚠ Credential Harvesting score 10.0

Found 4 credential access pattern(s)

ort] _region = region or os.environ.get("AWS_DEFAULT_REGION") or os.environ.get("AWS_REGION") client
.get("AWS_DEFAULT_REGION") or os.environ.get("AWS_REGION") client = boto3.client("cloudtrail", region_name
region = ( os.environ.get("AWS_DEFAULT_REGION") or os.environ.get("AWS_REGION") or "us-east
.get("AWS_DEFAULT_REGION") or os.environ.get("AWS_REGION") or "us-east-1" ) client = b

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: defendai.tech>

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository Defend-AI-Tech-Inc/agent-discover-scanner appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentdiscover

Build a simple Python application using the agentdiscover package to demonstrate its core features.