Package Metadata

Author: —
Email: Microsoft Corporation <[email protected]>
PyPI: agentmesh_runtime
Python: >=3.11
Versions: 13 releases
First release: 26 Mar 2026, 04:24 UTC
Analysed: 06 Jun 2026, 11:06 UTC
Source files: 5 .py files scanned

Project Links

Bug Tracker Documentation Homepage Repository

Classifiers

Development Status :: 4 - BetaIntended Audience :: DevelopersIntended Audience :: Science/ResearchLicense :: OSI Approved :: MIT LicenseProgramming Language :: Python :: 3Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.13Topic :: Scientific/Engineering :: Artificial IntelligenceTopic :: Software Development :: Libraries :: Python Modules

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package has legitimate shell execution patterns and no apparent obfuscation or credential risks, but the incomplete maintainer information and possible lack of network interactions for expected functionality raise some concerns.

Shell execution patterns present
Incomplete maintainer information

Per-check LLM notes

Network: No network calls detected, which is not unusual but could be concerning if network interaction was expected.
Shell: Shell execution patterns are present and may indicate the package performs system-level tasks, which should be reviewed for legitimacy and potential risks.
Obfuscation: No obfuscation patterns detected, indicating low risk of malicious intent.
Credentials: No credential harvesting patterns detected, suggesting safe handling of secrets and credentials.
Metadata: The maintainer's author information is incomplete and they seem to be new or inactive, which raises some concerns but does not strongly indicate malicious intent.

📦 Package Quality Overall: Medium (6.8/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

2 test file(s) detected (e.g. test_deploy.py)

◈ Medium Documentation 7.0

Some documentation present

Documentation URL: "Documentation" -> https://github.com/microsoft/agent-governance-toolkit/tree/m
Detailed PyPI description (4293 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

Development Status classifier >= Beta

◈ Medium Type Annotations 7.0

Partial type annotation coverage

Classifier: Typing :: Typed
48 type-annotated function signatures detected in source

✦ High Multiple Contributors 10.0

Active multi-contributor project

14 unique contributor(s) across 100 commits in microsoft/agent-governance-toolkit
Active community — 5 or more distinct contributors

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

✓ Code Obfuscation

No obfuscation patterns detected

⚠ Shell / Subprocess Execution score 4.0

Found 2 shell execution pattern(s)

" ".join(cmd)) return subprocess.run(cmd, capture_output=True, text=True, check=check, timeout=60
" ".join(cmd)) return subprocess.run(cmd, capture_output=True, text=True, check=check, timeout=12

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: microsoft.com>

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository microsoft/agent-governance-toolkit appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentmesh_runtime

Develop a mini-application called 'SecureMeetingScheduler' using the 'agentmesh_runtime' package. This application will allow users to schedule secure meetings where participants from different security levels can join. The goal is to demonstrate the use of privilege rings, saga orchestration, and audit trails provided by 'agentmesh_runtime'. Here are the steps and features you should include:

1. **User Registration**: Users should be able to register with their roles (e.g., Admin, Participant). Each role has different privileges based on a predefined privilege ring.
2. **Meeting Creation**: An admin user can create a meeting session with a specified set of participants. The meeting details include a unique meeting ID and a time slot.
3. **Participant Joining**: Participants can join the meeting using the meeting ID. Only participants listed in the meeting creation request can join.
4. **Privilege Rings**: Implement a system where actions within the meeting (like starting the meeting, sharing documents) are restricted based on the participant's role. For example, only admins can start the meeting, but all participants can share documents.
5. **Saga Orchestration**: Use saga orchestration to ensure that if a participant tries to perform an action outside their privilege level, the operation is logged, and appropriate notifications are sent to admins.
6. **Audit Trails**: Maintain an audit log for every action performed during the meeting. This includes who did what, when, and whether the action was successful or not.
7. **Security Measures**: Ensure that all communications are encrypted and that no unauthorized access is possible. Use 'agentmesh_runtime' to enforce these security measures.

Your task is to design and implement this application, making sure to leverage the core features of 'agentmesh_runtime' effectively. Document your implementation choices and how they align with the package's capabilities.