agentic-shop-tg

v0.1.0 suspicious
4.0
Medium Risk

Turn any online shop into a Telegram storefront bot — scrape products, browse, add to cart, and checkout inside Telegram

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits low risk in terms of network, shell, obfuscation, and credential risks. However, its metadata risk score is high due to limited maintainer history and an incomplete author profile, raising concerns about potential supply-chain attacks.

  • High metadata risk
  • Limited maintainer history
Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package is expected to communicate with external services.
  • Shell: Subprocess calls to create virtual environments and install dependencies are common and generally benign, but could be used maliciously if the commands are altered or if the package installs unauthorized software.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package shows signs of being newly created with limited maintainer history and an incomplete author profile, raising suspicion.

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 4.0

Found 2 shell execution pattern(s)

  • l environment...{RESET}") subprocess.run([sys.executable, "-m", "venv", venv_path], check=True)
  • dependencies...{RESET}") subprocess.run([pip, "install", "--quiet", "-r", os.path.join(target, "requ
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
Maintainer History score 6.0

3 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentic-shop-tg 
Create a fully-functional Telegram bot storefront that integrates with an existing online store using the 'agentic-shop-tg' package. Your goal is to develop a seamless shopping experience within Telegram where users can browse products, add them to their cart, and complete the purchase process directly through the bot interface. Here’s a detailed breakdown of the steps and features you need to implement:

1. **Setup and Configuration**: Begin by setting up your development environment and installing the necessary packages, including 'agentic-shop-tg'. Configure the bot to connect with your chosen online store API.

2. **Product Scraping and Display**: Utilize 'agentic-shop-tg' to scrape product information from the online store and display it in a user-friendly manner on Telegram. Ensure that each product listing includes essential details such as name, price, image, and a brief description.

3. **Interactive Product Browsing**: Implement commands that allow users to browse products by category, search for specific items, and view individual product pages with more details.

4. **Cart Management**: Enable users to add products to their cart, remove items, and view their current cart contents. Make sure the cart is persistent across different sessions.

5. **Checkout Process**: Design a secure and efficient checkout flow that guides users through entering shipping information, selecting payment methods, and completing the transaction.

6. **Order Confirmation and Tracking**: After a successful purchase, send order confirmation messages and provide options for tracking the delivery status.

7. **User Authentication and Security**: Integrate user authentication to ensure that only authorized users can access their personal shopping carts and make purchases.

8. **Feedback and Support**: Include features for users to leave feedback about their shopping experience and contact support directly through the bot.

By following these steps, you will create a comprehensive Telegram bot storefront that leverages the power of 'agentic-shop-tg' to offer a convenient and engaging shopping experience.