agentlog-llm

v0.1.0 suspicious
8.0
High Risk

Trace AI agent execution — LLM calls, tool calls, costs and latency

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits high obfuscation risk due to the use of eval with user input, which can lead to code injection vulnerabilities. Additionally, its recent creation and minimal activity contribute to a higher suspicion level.

  • High obfuscation risk due to eval usage
  • Signs of a newly created package with limited history
Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package requires external services.
  • Shell: No shell execution patterns detected, indicating no immediate signs of malicious activity.
  • Obfuscation: The use of eval with user input is highly suspicious and can be indicative of code injection attacks.
  • Credentials: No direct evidence of credential harvesting patterns was found in the provided snippet.
  • Metadata: The package shows signs of being newly created with minimal activity, raising suspicion for potential malicious intent.

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation score 2.0

Found 1 obfuscation pattern(s)

  • float: return eval(expression) """ def decorator(fn: Callable)
Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History score 7.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
  • Very few commits: 2 total
  • Single contributor with only 2 commit(s) — possibly throwaway account
Maintainer History score 4.0

2 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author "JALLAD" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentlog-llm 
Create a mini-application named 'AI-Agent-Profiler' using Python and the 'agentlog-llm' package. This application will serve as a performance and cost monitoring tool for various AI agents executing different tasks, such as generating text, answering questions, or even performing more complex operations like code generation or image synthesis.

### Application Overview:
- **Functionality**: Monitor the performance and costs of multiple AI agents running concurrently or sequentially.
- **Features**:
  - **Agent Execution Tracking**: Record each agent's start and end times for their tasks.
  - **Latency Measurement**: Measure the time taken for each API call made by the agents.
  - **Cost Calculation**: Estimate the cost based on the provider's pricing model (e.g., per token for OpenAI).
  - **Tool Call Logging**: Log details about any tools called by the agents during execution.
  - **LLM Call Details**: Track details of each Large Language Model (LLM) call including parameters and responses.
  - **User Interface**: Develop a simple command-line interface for viewing logs and statistics.

### Steps to Implement:
1. **Setup Project Environment**: Initialize a Python project and install necessary packages, including 'agentlog-llm'.
2. **Define Agent Classes**: Create classes representing different types of AI agents capable of performing specific tasks.
3. **Integrate 'agentlog-llm'**: Use 'agentlog-llm' to log every action performed by the agents, including start/end times, latency, costs, and details of LLM and tool calls.
4. **Develop Monitoring Logic**: Implement logic to calculate and display performance metrics and costs for each agent.
5. **Build User Interface**: Design a CLI that allows users to view logs and performance statistics.
6. **Testing & Validation**: Test the application with a variety of AI agents to ensure accurate logging and performance tracking.
7. **Documentation**: Write clear documentation explaining how to use the application and interpret the logs and metrics.

### Utilizing 'agentlog-llm':
- Use 'agentlog-llm' to automatically capture and store metadata about each agent's actions, ensuring comprehensive traceability without manual intervention.
- Leverage 'agentlog-llm' to analyze the logged data, providing insights into the efficiency and cost-effectiveness of different AI agents.
- Explore advanced functionalities of 'agentlog-llm', such as real-time monitoring and alerting based on predefined thresholds.