agentmesh_langchain

v3.6.0 safe
4.0
Medium Risk

AgentMesh trust layer integration for LangChain - cryptographic identity and trust-gated tool execution

🤖 AI Analysis

Final verdict: SAFE

The package appears to be designed for cryptographic identity verification and trust management within the LangChain framework, with no indications of malicious activity. While there are some minor concerns regarding metadata completeness and key obfuscation, these do not significantly elevate the risk.

  • No network or shell risks detected
  • Incomplete author metadata
  • Base64 decoding used for key handling

Per-check LLM notes

  • Network: No network calls detected, which is normal if the package does not require external communications.
  • Shell: No shell execution detected, reducing the risk of unauthorized system command execution.
  • Obfuscation: The use of base64 decoding for keys suggests some form of obfuscation, but it is common practice in handling cryptographic keys.
  • Credentials: No clear patterns indicating credential harvesting were found.
  • Metadata: The author's information is incomplete, which raises some concern but does not strongly indicate malicious intent.

📦 Package Quality Overall: Medium (7.0/10)

✦ High Test Suite 9.0

Test suite present — 2 test file(s) found

  • Test runner config found: pyproject.toml
  • 2 test file(s) detected (e.g. __init__.py)

◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://github.com/microsoft/agent-governance-toolkit/tree/m
  • Detailed PyPI description (2721 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta

◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 57 type-annotated function signatures detected in source

✦ High Multiple Contributors 10.0

Active multi-contributor project

  • 14 unique contributor(s) across 100 commits in microsoft/agent-governance-toolkit
  • Active community — 5 or more distinct contributors

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation score 6.0

Found 3 obfuscation pattern(s)

  • private_key_bytes = base64.b64decode(self.private_key) private_key_obj = ed25519.Ed25
  • public_key_bytes = base64.b64decode(self.public_key) public_key_obj = ed25519.Ed
  • signature_bytes = base64.b64decode(signature.signature) public_key_obj.verify(s

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: microsoft.com

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository microsoft/agent-governance-toolkit appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentmesh_langchain

Create a secure document sharing platform using the 'agentmesh_langchain' Python package. This platform will allow users to share documents with each other while ensuring that only authorized individuals can access the shared content. Here's a detailed breakdown of the steps and features to implement:

1. **Setup User Authentication**: Implement a user registration and login system where users can create their cryptographic identities using the 'agentmesh_langchain'. This will ensure that each user has a unique and secure way of being identified within the system.

2. **Document Upload**: Users should be able to upload documents onto the platform. Each document must be encrypted before storage to protect its contents from unauthorized access.

3. **Access Control**: Utilize 'agentmesh_langchain' to manage who can access which documents based on pre-defined permissions. For example, a user might only be allowed to view certain documents but not edit them.

4. **Secure Communication**: Integrate 'agentmesh_langchain' to enable secure communication between users when they exchange information about document access rights or other relevant details.

5. **Audit Trail**: Maintain a log of all actions performed on the documents such as who accessed them, when they were accessed, and what changes were made if any. This audit trail should also be secured using 'agentmesh_langchain' to prevent tampering.

6. **User Interface**: Develop a simple yet intuitive web interface where users can perform all these actions easily. The UI should reflect the security measures taken behind the scenes, making it clear to users that their data is protected.

7. **Testing and Deployment**: Thoroughly test the application for both functionality and security. Once satisfied, deploy the application to a cloud environment where it can be accessed publicly.

This project aims to demonstrate the practical use of cryptographic identity and trust-gated tool execution provided by 'agentmesh_langchain', showcasing how these technologies can enhance the security of online services.