agentic-ic

v3.0.3 suspicious
6.0
Medium Risk

AgentIC — Autonomous AI-Driven Chip Design: Natural Language to GDSII

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits moderate risks, primarily due to potential obfuscation practices and a lack of transparency regarding its development and maintenance.

  • High shell execution risk
  • Missing repository and sparse maintainer details
Per-check LLM notes
  • Network: The network calls appear to be related to package updates and license verification, which could be legitimate but warrant further investigation.
  • Shell: The shell executions include building the package and compiling code, which are common in development. However, the use of pyarmor suggests obfuscation, raising concerns about potential hiding of malicious activities.
  • Obfuscation: The regex pattern suggests the package may be handling or processing specific code blocks, which could indicate obfuscation but also might be for legitimate purposes like documentation or code analysis.
  • Credentials: No clear patterns of credential harvesting were detected.
  • Metadata: The repository is not found and the maintainer has minimal information available, raising suspicion.

🔬 Heuristic Checks

Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • ose(fd) try: urllib.request.urlretrieve(download_url, temp_path) console.print("
  • port requests response = requests.post( LICENSE_VERIFY_URL, headers={"Accept": "app
  • try: resp = requests.get(api_url) resp.raise_for_status() release_dat
  • bject. """ async with httpx.AsyncClient(timeout=10) as client: resp = await client.get(
  • C function.""" async with httpx.AsyncClient(timeout=10) as client: resp = await client.post(
  • f"&{filters}" async with httpx.AsyncClient(timeout=10) as client: resp = await client.get(
Code Obfuscation score 2.0

Found 1 obfuscation pattern(s)

  • diff ── code_match = __import__('re').search(r'```(?:verilog|systemverilog|sv)\n([\s\S]*?)```', r
Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • r(build_dir) try: subprocess.run([sys.executable, "-m", "build", "--wheel"], check=True)
  • Pyarmor...") try: subprocess.run([ sys.executable, "-m", "pyarmor.cli.pyarmor", "
  • ) os.chdir(build_dir) subprocess.run([sys.executable, "-m", "build"], check=True) os.chdir(".
  • ed compile_res = subprocess.run( ["iverilog", "-g2012", "-o", sim_file, tb_f
  • try: sim_res = subprocess.run( ["vvp", sim_file], capture_
  • doesn't block the API subprocess.Popen(["gtkwave", path], stdout=subprocess.DEVNULL, stderr=subproc
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History score 3.0

Repository not found (deleted or private)

  • Repository not found (deleted or private)
Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentic-ic 
Create a mini-application called 'ChipSketcher' using the Python package 'agentic-ic'. This tool will allow users to design simple digital circuits through natural language commands and visualize their designs as graphical representations and GDSII files. The application should have a user-friendly command-line interface where users can input descriptions of basic logic gates (AND, OR, NOT, XOR) and connections between them. After receiving the user's input, the application will utilize the 'agentic-ic' package to convert these descriptions into a formal circuit design and generate corresponding GDSII files for fabrication purposes. Additionally, the application should provide a feature to simulate the designed circuit using a simple truth table generator based on the input logic gate descriptions. Users should also be able to export the circuit diagram in a common image format like PNG for easy sharing and documentation. The application should include error handling for incorrect input descriptions and provide feedback to the user in case of any issues. Finally, document the entire process with comments and explanations within the code to ensure maintainability and ease of understanding.