agentmesh-ai

v0.3.0a2 suspicious
5.0
Medium Risk

Async multi-agent framework with traceability, observability, dashboarding, and extensibility.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits moderate risks due to potential shell execution and network interactions, though there is no clear evidence of malicious intent or credential harvesting.

  • moderate shell execution risk
  • network interaction risk
Per-check LLM notes
  • Network: Network calls appear to be part of normal API interactions but should be reviewed for the destination URL and data being sent.
  • Shell: Shell execution patterns may indicate automated testing or internal tooling, but could also suggest potential for executing arbitrary code which requires further investigation.
  • Obfuscation: The use of __import__ and json.dumps/loads might indicate an attempt to evade simple static analysis, but could also be used for legitimate purposes such as dynamic module loading and data serialization.
  • Credentials: No clear patterns indicating credential harvesting were detected.

📦 Package Quality Overall: Medium (5.0/10)

✦ High Test Suite 9.0

Test suite present — 8 test file(s) found

  • Test runner config found: pyproject.toml
  • 8 test file(s) detected (e.g. test_cli_dashboard.py)

◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://github.com/raghuece455/AgentMesh/tree/main/docs
  • Detailed PyPI description (13495 chars)

○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found

◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 452 type-annotated function signatures detected in source

○ Low Multiple Contributors 2.0

Single-author or unverifiable project

  • 1 unique contributor(s) across 6 commits in raghuece455/AgentMesh
  • Single author with few commits — possibly a personal or throwaway project

🔬 Heuristic Checks

Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • sonObject: http_request = urllib.request.Request(url, data=body, headers=headers, method="POST")
  • "POST") try: with urllib.request.urlopen(http_request, timeout=timeout_seconds) as response:
  • ) monkeypatch.setattr("urllib.request.urlopen", fake_urlopen) provider = OpenAICompatibleProvi
  • ne) monkeypatch.setattr("urllib.request.urlopen", rate_limited) with pytest.raises(AgentMeshErro
  • ne) monkeypatch.setattr("urllib.request.urlopen", auth_failed) with pytest.raises(AgentMeshError
  • w") monkeypatch.setattr("urllib.request.urlopen", timeout) with pytest.raises(AgentMeshError) as

Code Obfuscation score 6.0

Found 3 obfuscation pattern(s)

  • s"]: try: __import__(module) checks["optional_dependencies"][module] = True
  • metadata_path.write_text(__import__("json").dumps(self._documents, indent=2), encoding="utf-8") de
  • xists(): loaded = __import__("json").loads(metadata_path.read_text(encoding="utf-8"))

Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • path("src")} completed = subprocess.run( [sys.executable, "-m", "agentmesh.cli", "--db", str
  • abspath("src")} export = subprocess.run( [sys.executable, "-m", "agentmesh.cli", "--db", str
  • env=env, ) imported = subprocess.run( [sys.executable, "-m", "agentmesh.cli", "--db", str
  • =env, ) otel_export = subprocess.run( [ sys.executable, "-m",
  • env=env, ) doctor = subprocess.run( [sys.executable, "-m", "agentmesh.cli", "--db", str
  • env=env, ) version = subprocess.run( [sys.executable, "-m", "agentmesh.cli", "version"],

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links score 4.0

Found 2 suspicious link(s) on the package page

  • Non-HTTPS external link: http://127.0.0.1:8790
  • Non-HTTPS external link: http://127.0.0.1:8787

Git Repository History score 2.5

Git history flags: All 6 commits happened within 24 hours

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "AgentMesh Contributors" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentmesh-ai
Develop a real-time monitoring and analytics tool for a simulated distributed system using the 'agentmesh-ai' Python package. This tool will help users understand the performance and health of their system components in real-time. The application should include the following features:

1. **Component Simulation**: Simulate a few key components of a distributed system, such as a database, web server, and cache.
2. **Performance Metrics Collection**: Collect performance metrics from each component, including latency, throughput, error rates, and resource usage.
3. **Real-Time Dashboard**: Display these metrics on a dynamic dashboard that updates in real-time, allowing users to monitor the health and performance of each component.
4. **Traceability**: Implement traceability to track requests as they flow through different components, helping identify bottlenecks and issues.
5. **Alert System**: Set up an alert system that notifies users when certain thresholds are breached, indicating potential problems in the system.
6. **Customizable Agents**: Allow users to define custom agents to monitor additional components or specific metrics not covered by default.
7. **Extensibility**: Ensure the application is easily extendable to support new components and metrics without major code changes.

**Utilizing 'agentmesh-ai'**:
- Use 'agentmesh-ai' to manage the asynchronous communication between different components and collect performance data efficiently.
- Leverage its traceability features to ensure that all request paths are logged and can be reviewed for performance analysis.
- Employ the observability features to create comprehensive logs and metrics that can be used for the real-time dashboard.
- Utilize the dashboarding capabilities to visualize collected data and provide actionable insights to users.
- Take advantage of 'agentmesh-ai's extensibility to allow for easy integration of new components and customization options.

This project will serve as a practical example of how 'agentmesh-ai' can be used to build complex, real-time monitoring tools for distributed systems.