Package Metadata

Author: —
Email: —
PyPI: agentmesh-mcp
Python: >=3.10
Versions: 1 release
First release: 03 Jun 2026, 10:49 UTC
Analysed: 06 Jun 2026, 10:52 UTC
Source files: 8 .py files scanned

Project Links

Classifiers

Development Status :: 3 - AlphaIntended Audience :: DevelopersLicense :: OSI Approved :: MIT LicenseProgramming Language :: Python :: 3Programming Language :: Python :: 3.10Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.13Programming Language :: Python :: 3.14Topic :: Software Development :: Libraries :: Python Modules

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows a moderate risk level primarily due to the high metadata risk and the potential for command injection through the use of shell=True with subprocess.run.

High metadata risk due to recent repository creation, low activity, single contributor, and new package author.
Potential command injection vulnerability from the use of shell=True with subprocess.run.

Per-check LLM notes

Network: No network calls detected, which is normal and not indicative of malicious activity.
Shell: The use of shell=True with subprocess.run can be risky as it may lead to command injection vulnerabilities if not properly sanitized, suggesting potential security issues.
Obfuscation: No obfuscation patterns detected, indicating low risk of malicious activity.
Credentials: No credential harvesting patterns detected, indicating safe handling of secrets and credentials.
Metadata: High risk due to recent repository creation, low activity, single contributor, and new package author.

📦 Package Quality Overall: Low (4.0/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

Test runner config found: pyproject.toml

◈ Medium Documentation 5.0

Some documentation present

Detailed PyPI description (5869 chars)

○ Low Contributing Guide 2.0

No contributing guide or governance files found

No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found

◈ Medium Type Annotations 5.0

Partial type annotation coverage

24 type-annotated function signatures detected in source

○ Low Multiple Contributors 2.0

Single-author or unverifiable project

1 unique contributor(s) across 4 commits in fedegonzalezm-coder/agentmesh
Single author with few commits — possibly a personal or throwaway project

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

✓ Code Obfuscation

No obfuscation patterns detected

⚠ Shell / Subprocess Execution score 6.0

Found 3 shell execution pattern(s)

] try: result = subprocess.run( cmd, capture_output=True,
) try: result = subprocess.run( stripped, shell=True, c
stripped, shell=True, capture_output=True, text=True,

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

No author email provided

✓ Suspicious Page Links

All external links appear legitimate

⚠ Git Repository History score 10.0

Git history flags: Repository created very recently: 3 day(s) ago (2026-06-03T10:27:25Z)

Repository created very recently: 3 day(s) ago (2026-06-03T10:27:25Z)
Repository has zero stars and zero forks
Single contributor with only 4 commit(s) — possibly throwaway account
All 4 commits happened within 24 hours

⚠ Maintainer History score 6.0

3 maintainer concern(s) found

Only one version has ever been released — brand new package
Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentmesh-mcp

Create a mini-application called 'MCP Chat Manager' using the Python package 'agentmesh-mcp'. This application will serve as a versatile chat management tool designed to facilitate multiple persistent chat sessions between users and an AI like Claude, ensuring each session maintains its unique context and history.

Step 1: Setup the Project
- Initialize a new Python virtual environment.
- Install 'agentmesh-mcp' and other necessary dependencies.

Step 2: Design the Application Architecture
- Create a main module to handle the initialization of the MCP server.
- Develop a user interface module for interacting with the MCP server.
- Implement a session management module to manage individual chat sessions.

Step 3: Core Features Implementation
- **Persistent Expert Sessions**: Each user should be able to start a new chat session or join an existing one with a specific expert (AI).
- **Context Isolation**: Ensure that conversations in one session do not interfere with those in another, maintaining the integrity and privacy of each conversation.
- **Message History Persistence**: Store messages exchanged during a session so that users can revisit past interactions.
- **User Authentication**: Implement basic authentication to ensure only authorized users can initiate or join sessions.

Step 4: Integration and Testing
- Test the application thoroughly to ensure all functionalities work as expected.
- Integrate error handling mechanisms to gracefully manage any exceptions.
- Optimize the application for performance and usability.

How 'agentmesh-mcp' is Utilized:
- Use 'agentmesh-mcp' to initialize and run the MCP server which will act as the backbone of your chat management system.
- Leverage the package's capabilities for managing multiple agents (experts) and their sessions.
- Utilize the provided APIs for session creation, message sending/receiving, and context management.

Additional Enhancements:
- Implement a feature to allow users to export chat histories.
- Add support for real-time notifications when a new message arrives.
- Integrate a logging mechanism to track user activities and errors.