AI Analysis
Final verdict: SUSPICIOUS
The package is flagged as suspicious due to its potential for executing arbitrary commands and low maintainer activity. However, it does not show signs of malicious intent or other high-risk behaviors.
- Shell execution patterns detected
- Low maintainer activity
Per-check LLM notes
- Network: No network calls detected, indicating low risk in this area.
- Shell: Detection of shell execution patterns suggests potential for executing arbitrary commands, which could be risky if not properly controlled.
- Obfuscation: No obfuscation patterns detected, indicating low risk.
- Credentials: No credential harvesting patterns detected, indicating low risk.
- Metadata: The package shows signs of low maintainer activity and poor metadata quality, but there are no clear indicators of malicious intent.
Heuristic Checks
Outbound Network Calls
No suspicious network call patterns found
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
score 10.0
Found 5 shell execution pattern(s)
ess try: result = subprocess.run(command, shell=True, check=True, stdout=subprocess.PIPE, stdess try: result = subprocess.run(['python', '-c', code], check=True, stdout=subprocess.PIPE,ess try: result = subprocess.run(['python', file], check=True, stdout=subprocess.PIPE, stderrport subprocess result = subprocess.run( ['findstr', pattern, file], stdout=subproceult = subprocess.run(command, shell=True, check=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
No author email provided
Suspicious Page Links
All external links appear legitimate
Git Repository History
No GitHub repository linked
No GitHub repository link found
Maintainer History
score 6.0
3 maintainer concern(s) found
Author name is missing or very shortAuthor "" appears to have only 1 package on PyPI (new or inactive account)Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with agentic-terminal-mcp-luckynaren
Create a Python-based terminal utility named 'AgenticTerm' that leverages the 'agentic-terminal-mcp-luckynaren' package to manage and enhance interactions between a user and an AI agent. This utility should serve as a versatile command-line interface where users can input commands, and the AI agent processes these commands to perform various tasks. The application should include the following core functionalities: 1. **User Command Input**: Users should be able to type commands into the terminal, which will then be processed by the AI agent. 2. **AI Agent Response**: The AI agent should provide responses based on the commands received, using natural language processing to understand and interpret the user's intentions. 3. **Task Execution**: Depending on the command, the AI agent should execute specific tasks, such as searching the web, performing calculations, fetching weather information, or even controlling smart home devices through APIs. 4. **Interactive Help System**: Include a built-in help system that provides users with a list of available commands and their descriptions when they type 'help'. 5. **Logging and History**: Implement logging of all interactions for debugging purposes and maintain a history of commands executed, allowing users to review past interactions. 6. **Customizability**: Allow users to customize certain aspects of the AI agent's behavior, such as preferred language, time zone, and default settings for external API integrations. To achieve these functionalities, utilize the 'agentic-terminal-mcp-luckynaren' package to set up the terminal environment, handle user inputs, and facilitate communication between the user and the AI agent. Additionally, integrate third-party libraries as needed to extend the functionality of the AI agent, such as requests for HTTP requests, pytz for timezone handling, and nltk for enhanced NLP capabilities.