agentic-devkit

v0.1.16 suspicious
4.0
Medium Risk

CLI and catalog for agentic documentation OS templates (greenfield + brownfield overlay)

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits minimal risks in terms of network calls, shell execution, obfuscation, and credential harvesting. However, the metadata risk score suggests potential issues with maintenance and community engagement, warranting further scrutiny.

  • Low maintainer effort and community involvement
  • Potential signs of inadequate package maintenance
Per-check LLM notes
  • Network: No network calls detected, which is normal for many packages.
  • Shell: Shell execution is used for Git operations and Copier tool usage, suggesting legitimate package management or version control activities.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package shows signs of low maintainer effort and lack of community involvement, raising some suspicion but not conclusive evidence of malice.

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 4.0

Found 2 shell execution pattern(s)

  • tr(dest.resolve()) return subprocess.call([sys.executable, "-m", "copier", "copy", source, dest_str])
  • str: try: return subprocess.check_output(["git", *args], cwd=repo, text=True, stderr=subprocess.DEVNU
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 6.0

3 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentic-devkit 
Your task is to create a versatile command-line tool named 'AgenticTemplateManager' using the 'agentic-devkit' Python package. This tool will serve as a powerful interface for managing and deploying documentation templates for both greenfield and brownfield projects. Here’s a detailed breakdown of what your application should accomplish:

1. **Setup and Installation**: Ensure that users can easily install the AgenticTemplateManager via pip. Your setup.py file should include dependencies on 'agentic-devkit' and any other necessary packages.
2. **CLI Interface**: Develop a user-friendly CLI that allows users to interact with the application through commands like `init`, `deploy`, `update`, `list`, and `remove`. Each command should perform specific actions related to template management.
3. **Template Management**: Implement functionalities to manage templates including listing available templates, initializing new projects with templates, updating existing projects, and removing unused templates.
4. **Integration with 'agentic-devkit'**: Utilize the 'agentic-devkit' package to access its catalog of templates. This includes fetching details about templates, downloading them, and applying overlays for brownfield projects.
5. **Customization Options**: Allow users to customize templates during initialization or deployment. Users should be able to specify variables such as project name, version, and other relevant configurations.
6. **Logging and Feedback**: Implement logging to track operations performed by the CLI. Provide clear feedback messages to guide users through each step of the process.
7. **Security Considerations**: Ensure that sensitive information like API keys or credentials are handled securely, possibly through environment variables or secure storage solutions.
8. **Documentation**: Create comprehensive documentation for both developers and end-users. Include examples and best practices for utilizing the AgenticTemplateManager effectively.

Your application should showcase the power and flexibility of the 'agentic-devkit' package while providing a seamless experience for users managing their documentation templates. Remember to test thoroughly and ensure that all features work as expected.