agentic_security

v1.0.0 suspicious
6.0
Medium Risk

Agentic LLM vulnerability scanner

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits several moderate to high-risk behaviors including potential insecure network calls, risky shell invocation, and credential exposure, raising suspicion about its security posture.

  • Insecure network calls
  • Risky shell invocation
  • Potential for API key exposure

Per-check LLM notes

  • Network: The network calls suggest external API interactions which could be legitimate, but the incomplete URLs and potential typo in 'promp' raise concerns about misconfiguration or unintended behavior.
  • Shell: The use of subprocess.run and Popen with shell=True is risky as it can lead to arbitrary code execution if not properly sanitized, indicating a significant security concern.
  • Obfuscation: No obfuscation patterns were detected.
  • Credentials: The code snippet indicates potential for API key exposure through environment variables or function arguments, which could be a security risk if not properly managed.
  • Metadata: The package contains non-secure links which could indicate potential security risks, but there are no clear signs of typosquatting or other malicious intent.

🔬 Heuristic Checks

Outbound Network Calls score 6.0

Found 4 network call pattern(s)

  • try: response = requests.post( f"{self.api_url}/rl-model/select-next-promp
  • from a URL""" response = httpx.get(url) encoded_content = base64.b64encode(response.content
  • etry", 3)) async with httpx.AsyncClient(transport=transport) as client: response = await
  • URITY}/verify" async with httpx.AsyncClient() as client: response = await client.post(url, json=

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 8.0

Found 4 shell execution pattern(s)

  • o generate AIFF audio subprocess.run(["say", "-o", temp_aiff_path, prompt], check=True)
  • o WAV using afconvert subprocess.run( ["afconvert", "-f", "WAVE", "-d", "LEI16", temp
  • environment process = subprocess.Popen( command, stdout=subprocess.PIPE, stderr=subproc
  • env=env, shell=True, ) logger.info(f"Started {command}")

Credential Harvesting score 2.5

Found 1 credential access pattern(s)

  • ey = kwargs.get("api_key") or os.getenv("API_KEY") if not api_key: from fastapi import H

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com

Suspicious Page Links score 10.0

Found 5 suspicious link(s) on the package page

  • Non-HTTPS external link: http://0.0.0.0:8718
  • Non-HTTPS external link: http://0.0.0.0:8718/v1/self-probe
  • Non-HTTPS external link: http://0.0.0.0:8718/v1/self-probe\nAuthorization:
  • Non-HTTPS external link: http://0.0.0.0:9094/v1/self-probe-image
  • Non-HTTPS external link: http://0.0.0.0:9094/v1/self-probe-file

Git Repository History

Repository msoedov/agentic_security appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Alexander Miasoiedov" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentic_security
Your task is to create a Python-based application named 'VulnerabilityHunter' using the 'agentic_security' package. This application will serve as a comprehensive tool for scanning and identifying potential security vulnerabilities in a given set of URLs or IP addresses. The application should be user-friendly and capable of generating detailed reports on detected vulnerabilities.

Step 1: Installation
- Start by installing the 'agentic_security' package using pip.

Step 2: User Interface
- Design a simple command-line interface where users can input URLs or IP addresses they want to scan.
- Allow users to specify the type of scan they wish to perform (e.g., quick scan, deep scan).

Step 3: Scanning Process
- Utilize 'agentic_security' to perform the scans. Ensure that the application supports both real-time scanning and scheduled scans.
- Implement functionality to detect common vulnerabilities such as SQL injection, XSS, and CSRF.

Step 4: Reporting
- Develop a feature to generate detailed reports upon completion of each scan. Reports should include information like the type of vulnerability, severity level, and steps to mitigate the risk.
- Provide options to export these reports in formats like PDF or CSV.

Suggested Features:
- Real-time vulnerability alerts via email or SMS.
- Historical data tracking for trend analysis.
- Integration with popular bug tracking systems (e.g., Jira).
- Support for multiple languages and locales.

Remember to document your code thoroughly and ensure the application is robust against errors and exceptions.