agentic-mesh-protocol

v0.2.4 suspicious
4.0
Medium Risk

Python gRPC interfaces for Agentic Mesh Protocol

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits moderate obfuscation risk and has metadata indicating a potentially new or inactive maintainer, raising concerns about its legitimacy.

  • Obfuscation risk 6/10
  • Metadata risk 3/10
Per-check LLM notes
  • Network: No network calls detected, which is typical for many packages and does not necessarily indicate risk.
  • Shell: No shell execution patterns detected, indicating the package likely does not execute external commands without user interaction.
  • Obfuscation: The patterns resemble obfuscated binary data which could be used for malicious purposes but may also be part of a legitimate protocol encoding mechanism.
  • Credentials: No clear indicators of credential harvesting were found.
  • Metadata: The maintainer has a new or inactive account and lacks a proper author name, which could indicate potential issues.

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation score 8.0

Found 4 obfuscation pattern(s)

  • 1(\x01\x42\x11\xbaH\x0e\x12\t)\x00\x00\x00\x00\x00\x00\x00\x00\xc8\x01\x01R\x04\x63ost\x12\x34\n\nmission_id\x18\x02 \x01(\tB\x15\xbaH
  • 1(\x01\x42\x11\xbaH\x0e\x12\t)\x00\x00\x00\x00\x00\x00\x00\x00\xc8\x01\x01R\x04rate\x12\x45\n\x10setup_version_id\x18\x07 \x01(\tB\x1b
  • 1(\x01\x42\x11\xbaH\x0e\x12\t)\x00\x00\x00\x00\x00\x00\x00\x00\xc8\x01\x01R\x08quantity\"\x9d\x03\n\x0e\x41\x64\x64\x43ostRequest\x12%
  • 1(\x01\x42\x11\xbaH\x0e\x12\t)\x00\x00\x00\x00\x00\x00\x00\x00\xc8\x01\x01R\x08quantity\"+\n\x0f\x41\x64\x64\x43ostResponse\x12\x18\n\
Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: digitalkin.ai>

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository DigitalKin-ai/service-apis-py appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentic-mesh-protocol 
Create a real-time collaborative document editor using the 'agentic-mesh-protocol' Python package. This mini-application will allow multiple users to edit the same document simultaneously, with changes being reflected in real-time across all connected clients. The application should include the following features:

1. User Authentication: Implement basic user authentication to ensure only authorized users can access and edit documents.
2. Real-Time Collaboration: Users should be able to see each other's cursor movements and text edits as they happen.
3. Document Versioning: Keep track of different versions of the document, allowing users to revert to previous states if needed.
4. Notification System: Notify users about new edits and updates made by other collaborators.
5. Conflict Resolution: Implement simple conflict resolution strategies for cases where two users try to edit the same part of the document at the same time.

The 'agentic-mesh-protocol' package will be used to facilitate communication between the server and client applications, ensuring that all changes are propagated in real-time. Use gRPC to define the service and message types required for this application, such as defining messages for document edits, user actions, and notifications. Additionally, explore how you can leverage the mesh network capabilities provided by the package to enhance reliability and performance in your application.