AI Analysis
Final verdict: SUSPICIOUS
The package shows minimal signs of malicious intent but raises concerns due to suspicious metadata and repository activity, warranting further investigation.
- Metadata risk is high at 7/10
- Suspicious git repository and maintainer history
Per-check LLM notes
- Network: Network calls to build Loki payload suggest legitimate telemetry or logging functionality.
- Shell: No shell execution patterns detected.
- Obfuscation: No obfuscation patterns detected, indicating low risk of malicious activity.
- Credentials: No credential harvesting patterns detected, suggesting no immediate risk to stored secrets.
- Metadata: Suspicious activity around the git repository and maintainer history suggests potential risk.
Heuristic Checks
Outbound Network Calls
score 3.0
Found 2 network call pattern(s)
self._sync_client = httpx.Client(timeout=self._timeout) payload = _build_loki_payloadself._async_client = httpx.AsyncClient(timeout=self._timeout) payload = _build_loki_payload
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
No shell execution patterns detected
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: gmail.com>
Suspicious Page Links
All external links appear legitimate
Git Repository History
score 5.0
Git history flags: Single contributor with only 3 commit(s) — possibly throwaway account
Single contributor with only 3 commit(s) — possibly throwaway accountAll 3 commits happened within 24 hours
Maintainer History
score 4.0
2 maintainer concern(s) found
Author name is missing or very shortAuthor "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with agentgraf
Build a simple Python application using the agentgraf package to demonstrate its core features.