agentmesh-proto

v0.1.0 suspicious
7.0
High Risk

Peer-to-peer agent discovery and communication network

πŸ€– AI Analysis

Final verdict: SUSPICIOUS

The package exhibits high shell execution risk and moderate network and metadata risks, which collectively suggest potential for misuse or malicious intent.

  • High shell risk due to arbitrary code execution
  • Moderate network risk requiring further investigation
Per-check LLM notes
  • Network: Network calls are typical for packages that require external communications, but the variety and purpose need further investigation.
  • Shell: Execution of arbitrary code via subprocess.run is highly suspicious and could indicate potential for malicious activity.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package is new and lacks detailed maintainer information, raising some suspicion but not conclusive evidence of malice.

πŸ“¦ Package Quality Overall: Medium (5.6/10)

✦ High Test Suite 9.0

Test suite present β€” 14 test file(s) found

  • Test runner config found: pyproject.toml
  • 14 test file(s) detected (e.g. test_auth.py)
β—ˆ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://github.com/arshadvani3/AgentMesh#readme
  • Detailed PyPI description (20459 chars)
β—‹ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
β—ˆ Medium Type Annotations 5.0

Partial type annotation coverage

  • 172 type-annotated function signatures detected in source
β—ˆ Medium Multiple Contributors 5.0

Limited contributor diversity

  • 1 unique contributor(s) across 32 commits in arshadvani3/AgentMesh
  • Single author but highly active (32 commits)

πŸ”¬ Heuristic Checks

⚠ Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • try: async with httpx.AsyncClient(timeout=15, follow_redirects=False) as client:
  • _fetch(): async with httpx.AsyncClient() as client: try: resp = await c
  • .agent_id async with httpx.AsyncClient(timeout=10.0) as client: resp = await client.pos
  • _clients() async with httpx.AsyncClient(timeout=10.0) as client: await client.delete(
  • ) async with httpx.AsyncClient(timeout=10.0) as client: resp = await client.pos
  • try: async with httpx.AsyncClient(timeout=5.0) as client: await client.post(
βœ“ Code Obfuscation

No obfuscation patterns detected

⚠ Shell / Subprocess Execution score 4.0

Found 2 shell execution pattern(s)

  • } try: result = subprocess.run( [sys.executable, "-c", code], captu
  • cmd.append("--reload") subprocess.run(cmd) # ---------------------------------------------------
βœ“ Credential Harvesting

No credential harvesting patterns detected

βœ“ Typosquatting

No typosquatting candidates detected

βœ“ Registered Email Domain

Email domain looks legitimate: gmail.com>

βœ“ Suspicious Page Links

All external links appear legitimate

βœ“ Git Repository History

Repository arshadvani3/AgentMesh appears legitimate

⚠ Maintainer History score 6.0

3 maintainer concern(s) found

  • Only one version has ever been released β€” brand new package
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
βœ“ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

πŸ’‘ AI App Starter Prompt

Use this prompt to build a project with agentmesh-proto 
Create a decentralized messaging application using the 'agentmesh-proto' package. This application will allow users to communicate with each other in a peer-to-peer network without the need for centralized servers. Here’s a step-by-step guide on how to build it:

1. **Setup**: Begin by setting up your development environment with Python and installing the 'agentmesh-proto' package.
2. **Peer Discovery**: Implement a feature where peers can discover each other within the network. Use 'agentmesh-proto' to facilitate this process, ensuring that peers can connect and exchange messages.
3. **Message Sending & Receiving**: Develop the functionality for sending and receiving messages between connected peers. Ensure that messages are encrypted for security purposes.
4. **User Interface**: Design a simple user interface that allows users to add contacts, send messages, and view their chat history.
5. **Optional Features**: Consider adding advanced features such as file sharing, group chats, and end-to-end encryption.
6. **Testing**: Thoroughly test the application to ensure reliable peer discovery, secure message transmission, and a smooth user experience.
7. **Deployment**: Once testing is complete, deploy the application so that others can use it and provide feedback.

Use 'agentmesh-proto' to manage the underlying peer-to-peer network infrastructure, focusing on its capabilities for agent discovery and communication. This project aims to demonstrate the practical application of decentralized networking technologies in everyday tools.