agentic-settle

v0.2.0 suspicious
4.0
Medium Risk

Python SDK for AgenticSettle — verify any AI agent's output, settle with pre-paid token escrow, earn the Verified badge.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package is assessed as suspicious due to its metadata indicating new creation and limited maintainer history, despite having low risks in terms of network, shell, obfuscation, and credential handling.

  • Metadata risk score of 7 out of 10
  • Limited maintainer history
Per-check LLM notes
  • Network: The observed network calls are typical for packages that require interaction with external services or APIs.
  • Shell: No shell execution patterns were detected.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package shows signs of being newly created and has limited maintainer history, raising concerns about potential malicious intent.

🔬 Heuristic Checks

Outbound Network Calls score 7.5

Found 5 network call pattern(s)

  • _id, ) with httpx.Client(timeout=self.timeout) as c: r = c.post(f"{self.
  • SettleReceipt: with httpx.Client(timeout=self.timeout) as c: r = c.get(
  • dict[str, Any]: with httpx.Client(timeout=self.timeout) as c: r = c.get(
  • dict[str, Any]: with httpx.Client(timeout=self.timeout) as c: r = c.post(f"{self.
  • ) async with httpx.AsyncClient(timeout=self.timeout) as c: r = await c.post(
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: agenticsettle.io>

Suspicious Page Links

All external links appear legitimate

Git Repository History score 3.0

Repository not found (deleted or private)

  • Repository not found (deleted or private)
Maintainer History score 6.0

3 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentic-settle 
Create a web-based platform named 'AI Assurance Hub' using Python and the 'agentic-settle' package. This platform will allow users to submit AI-generated content for verification and settlement of pre-paid tokens as payment for verified services. The app should include the following functionalities:

1. User Authentication: Users must be able to register and log in to the platform.
2. Content Submission: Authenticated users can submit AI-generated content for verification.
3. Verification Process: Utilize the 'agentic-settle' package to verify the authenticity and quality of the submitted content based on predefined criteria.
4. Token Escrow: Implement a system where users pay a pre-determined amount of tokens before submission. These tokens are held in escrow until the content passes verification.
5. Verified Badge Issuance: Once the content is verified, issue a 'Verified' badge and release the tokens from escrow to the service provider.
6. Dashboard: Provide a dashboard for users to view their submissions, status updates, and earned badges.
7. Analytics: Offer analytics on the number of successful verifications, token settlements, and user activity.
8. Documentation: Create comprehensive documentation explaining how to use the platform and integrate it with existing systems.

The 'agentic-settle' package is utilized throughout the process for verifying the AI-generated content, handling the token escrow mechanism, and issuing the verified badge. It integrates seamlessly into the backend processes to ensure trust and transparency in the transactions between users and service providers.