AI Analysis
Final verdict: SUSPICIOUS
The package is flagged as suspicious due to the detection of shell execution capabilities and low-effort metadata, which may indicate potential risks.
- Detection of shell execution
- Low-effort metadata
Per-check LLM notes
- Network: No network calls detected, indicating low risk in terms of network activity.
- Shell: Detection of shell execution suggests potential for executing arbitrary commands, which could be risky if not properly sanitized or controlled.
- Obfuscation: No obfuscation patterns detected, indicating low risk.
- Credentials: No credential harvesting patterns detected, indicating low risk.
- Metadata: The package shows signs of low effort and potential lack of transparency, which could indicate risk.
Heuristic Checks
Outbound Network Calls
No suspicious network call patterns found
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
score 10.0
Found 5 shell execution pattern(s)
s try: result = subprocess.run(command, shell=True, check=True, stdout=subprocess.PIPE, stds try: result = subprocess.run(['python', '-c', code], check=True, stdout=subprocess.PIPE,s try: result = subprocess.run(['python', file], check=True, stdout=subprocess.PIPE, stderrrt subprocess result = subprocess.run( ['findstr', pattern, file], stdout=subproult = subprocess.run(command, shell=True, check=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
No author email provided
Suspicious Page Links
All external links appear legitimate
Git Repository History
No GitHub repository linked
No GitHub repository link found
Maintainer History
score 8.0
4 maintainer concern(s) found
Only one version has ever been released — brand new packageAuthor name is missing or very shortAuthor "" appears to have only 1 package on PyPI (new or inactive account)Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with agentic_cli_pranay
Create a terminal-based personal assistant application named 'AgenticTerm' using the 'agentic_cli_pranay' package. This application should serve as a command-line interface (CLI) for managing daily tasks, such as setting reminders, checking the weather, scheduling meetings, and providing general information like news updates or definitions of words. The application should be user-friendly and interactive, allowing users to communicate in natural language. Key Features: 1. Task Management: Users can add, view, edit, and delete tasks or reminders directly from the terminal. 2. Weather Updates: Fetch current weather conditions for any specified location. 3. Meeting Scheduler: Schedule virtual meetings by providing details like date, time, and participants. 4. Information Retrieval: Provide quick answers to queries related to general knowledge, such as definitions, historical facts, etc. 5. Natural Language Processing: The CLI should understand and respond to commands given in natural language rather than requiring strict syntax. How to Utilize 'agentic_cli_pranay': - Use 'agentic_cli_pranay' to integrate terminal capabilities into your personal assistant application. It will help in making the interaction more seamless and powerful by adding features such as command history, auto-completion, and more sophisticated input/output handling. - Implement a system where users can interact with the application using commands similar to those provided by 'agentic_cli_pranay', but extend these functionalities according to the specific needs of 'AgenticTerm'. For example, allow users to ask for weather updates by typing 'weather [location]' and get a response in the terminal. - Ensure that the application leverages the terminal's strengths, such as real-time interaction and efficient data processing, to enhance user experience.