AI Analysis
The package shows minimal risk indicators and does not suggest any malicious intent or supply-chain attack. It has low scores across all risk categories except for obfuscation and metadata, which are considered benign.
- Low network and shell risks
- No evidence of credential harvesting
- Safe obfuscation techniques used
Per-check LLM notes
- Network: Network calls are expected if the package interacts with external services.
- Shell: No shell execution patterns were detected.
- Obfuscation: The observed obfuscation technique appears to be a safe method of expression parsing without using eval() or exec(), which reduces the risk of code injection attacks.
- Credentials: No patterns indicative of credential harvesting have been detected.
- Metadata: The author has only one package, suggesting it might be a new or less active account, but no other red flags are present.
Package Quality Overall: Medium (6.8/10)
Partial test coverage signals detected
Test runner config found: pyproject.toml
Some documentation present
Documentation URL: "Documentation" -> https://github.com/microsoft/agent-governance-toolkit#readme
Detailed PyPI description (6188 chars)
No contributing guide or governance files found
Development Status classifier >= Beta
Partial type annotation coverage
Classifier: Typing :: Typed
211 type-annotated function signatures detected in source
Active multi-contributor project
14 unique contributor(s) across 100 commits in microsoft/agent-governance-toolkit
Active community: 5 or more distinct contributors
Heuristic Checks
Found 4 network call pattern(s)
Matched snippets (truncated excerpts from the package source):
- `try: request = urllib.request.Request(self.url, method=self.method, headers=self.headers)`
- `with urllib.request.urlopen(request, timeout=self.timeout) as response:`
- `return requests.get(url, timeout=timeout).text`
- `async with aiohttp.ClientSession(timeout=timeout) as session: async with session.`
Found 4 obfuscation pattern(s)
Matched snippets (truncated docstring excerpts that mention eval/exec):
- "...matical operations with: - No eval() or exec() usage - Expression parsing with allowed operatio..."
- "Features: - No eval()/exec() - uses safe expression parser - Whitelisted opeerations."
- "No eval()/compile(); walks the AST tree and computes results"
- "Date arithmetic - No eval() or exec() Example: (python code block) dt ="
No shell execution patterns detected
No credential harvesting patterns detected
No typosquatting candidates detected
Email domain looks legitimate: microsoft.com
All external links appear legitimate
Repository microsoft/agent-governance-toolkit appears legitimate
1 maintainer concern(s) found
Author "Agent Tool Registry Contributors" appears to have only 1 package on PyPI (new or inactive account)
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Create a decentralized tool-sharing platform for AI agents using the 'agentmesh_tool_registry' package. This platform will enable AI agents to share their unique capabilities, such as data processing, natural language understanding, and machine learning tasks, with other agents in a secure and efficient manner. Users will be able to register their agent's tools, discover available tools from other agents, and invoke these tools directly within their own workflows. Here's a step-by-step guide on how to develop this application:

1. **Setup Environment**: Begin by setting up your development environment with Python installed and the necessary packages including 'agentmesh_tool_registry'. Ensure you have a basic understanding of blockchain technology as the registry operates on a decentralized ledger.
2. **Tool Registration**: Develop a feature where users can register their AI agent's tools in the registry. Each tool should be associated with metadata such as name, description, input/output formats, and any required permissions. Utilize the 'agentmesh_tool_registry' package to handle the registration process, ensuring that all data is stored securely and transparently on the blockchain.
3. **Discovery Mechanism**: Implement a search functionality that allows users to browse through registered tools based on various criteria like category, tags, or specific functionalities. Use the 'agentmesh_tool_registry' API to query the blockchain for relevant information.
4. **Invocation Interface**: Create an interface that enables users to invoke any registered tool directly from their agent. This should include handling the communication between different agents, passing parameters, and receiving results. Leverage the 'agentmesh_tool_registry' package to manage these interactions securely and efficiently.
5. **Security & Privacy**: Ensure that the platform maintains high standards of security and privacy. Implement measures to protect user data and ensure that only authorized agents can access certain tools. The 'agentmesh_tool_registry' package should provide built-in mechanisms for securing transactions and verifying identities.
6. **User Management**: Develop a system for managing user accounts, including registration, login, and profile management. Consider integrating OAuth or similar authentication methods for enhanced security.
7. **Monitoring & Analytics**: Add features for monitoring the usage of each tool and generating analytics reports. This could help both users and developers understand the popularity and effectiveness of their tools.
8. **Testing & Deployment**: Thoroughly test your application to ensure it works as expected under various conditions. Once satisfied with its performance, deploy the application on a suitable hosting service.

By following these steps and utilizing the 'agentmesh_tool_registry' package effectively, you'll create a powerful tool-sharing platform that fosters collaboration among AI agents.