agentlint

v2.5.3 suspicious
4.0
Medium Risk

Real-time quality guardrails for AI coding agents

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows moderate risks due to its ability to make network calls and execute shell commands, which could potentially be exploited for malicious purposes.

  • Moderate network risk
  • High shell execution risk

Per-check LLM notes

  • Network: The network calls suggest the package might be communicating with an external server, which could be for legitimate purposes like reporting usage statistics but may also indicate potential C2 channels.
  • Shell: The shell execution patterns indicate the package can execute commands on the system, which is risky and could be used for malicious activities if not properly controlled.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The maintainer has only one package, which may indicate a new or less active account.

🔬 Heuristic Checks

Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • p("/") response = requests.post( f"{api_base}/dashboard/cli-pairing/start",
  • dline: poll = requests.get( f"{api_base}/dashboard/cli-pairing/{pai
  • try: response = requests.post( f"{self.api_url}/events", j
  • try: response = requests.post( f"{self.api_url}/events/batch",
  • try: response = requests.get( f"{api_url}/feeds/{feed_name}", hea
  • try: response = requests.get( f"{api_url}/policy", headers=header

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 6.0

Found 3 shell execution pattern(s)

  • : return result = subprocess.run(command, check=False) if result.returncode != 0:
  • False)): result = subprocess.run(command, check=False) if result.returncode != 0:
  • return try: subprocess.Popen( [ sys.executable,

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository mauhpr/agentlint appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "mauhpr" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentlint

Create a real-time code quality checker tool named 'AI CodeGuard' using Python and the 'agentlint' package. This tool will monitor and evaluate the quality of code generated by AI coding assistants in real-time, ensuring it adheres to best practices and standards. The application should have a user-friendly interface that allows users to input or paste their code snippets and receive instant feedback on potential issues or improvements.

Key Features:
- Integration with popular AI coding assistants like GitHub Copilot or similar services.
- Real-time linting capabilities that check code against predefined quality rules.
- A dashboard that displays warnings, errors, and suggestions for improvement.
- Support for multiple programming languages including Python, JavaScript, and Java.
- Customizable quality rules based on specific project requirements.
- Detailed reports that can be exported as PDF or HTML.

How to Use 'agentlint':
- Utilize 'agentlint' to set up real-time monitoring and quality checks for the code being generated or edited.
- Implement 'agentlint' rules and configurations to tailor the quality checks according to the specific needs of different projects.
- Integrate 'agentlint' into the application's backend to process and analyze code snippets as they are entered by the user.
- Display 'agentlint' results directly within the application's user interface for immediate feedback.

Steps to Build the Application:
1. Set up a Python environment and install necessary packages including 'agentlint'.
2. Design the user interface using a framework such as Tkinter or PyQt.
3. Develop the backend logic to handle code input, processing, and linting using 'agentlint'.
4. Implement real-time code analysis features that update the UI as the user types or pastes code.
5. Create a reporting module that generates detailed quality reports based on 'agentlint' findings.
6. Test the application thoroughly across various programming languages and scenarios.
7. Deploy the application either as a standalone desktop app or a web-based service.