agentpack-cli

v0.3.12 suspicious
4.0
Medium Risk

Local context engine for AI coding agents that ranks relevant files and builds task-focused context packs.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows some unusual behaviors such as git and claude command executions, and the maintainer's lack of an established presence raises suspicion. However, there is no clear indication of malicious intent.

  • Unusual command executions (git and claude)
  • Maintainer has a new or inactive account
  • Lack of associated GitHub repository
Per-check LLM notes
  • Network: No network calls detected.
  • Shell: Git and claude command executions are unusual but may be part of the intended functionality; further investigation into the purpose of 'claude' is advised.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious obfuscation.
  • Credentials: No credential harvesting patterns detected, indicating low risk of secret or credential theft.
  • Metadata: The maintainer has a new or inactive account and lacks a GitHub repository, raising some suspicion but not conclusive evidence of malice.

📦 Package Quality Overall: Low (3.8/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • Test runner config found: pyproject.toml
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (16797 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 453 type-annotated function signatures detected in source
○ Low Multiple Contributors 1.0

Unable to verify contributor count: no GitHub repository found

  • No GitHub repository linked — contributor count unavailable

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • st[str]) -> str: result = subprocess.run( ["git", *args], cwd=cwd, text=True,
  • args: list[str]) -> None: subprocess.run( ["git", *args], cwd=cwd, text=True,
  • agentpack)[/]\n") subprocess.run(["claude"]) else: console.print("[yellow
  • e.perf_counter() result = subprocess.run(stage.command, cwd=_root(), capture_output=True, text=True)
  • try: result = subprocess.run(["agentpack", "--version"], capture_output=True, text=True)
  • try: result = subprocess.run( ["git", "config", "--global", "init.templat
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentpack-cli 
Create a Python-based mini-application named 'CodeAssist' which leverages the 'agentpack-cli' package to enhance developer productivity. This tool will serve as a local context engine for AI coding assistants, ranking relevant code files and building task-focused context packs. Here’s a detailed breakdown of what your application should accomplish:

1. **Initialization**: Start by setting up a virtual environment for your project and installing 'agentpack-cli'. Ensure all necessary dependencies are listed in a requirements.txt file.
2. **Directory Integration**: Allow users to specify a directory containing their source code. Your application should then scan this directory and identify all Python files.
3. **Context Building**: Use 'agentpack-cli' to analyze these files and build a context pack that includes the most relevant files based on user-defined tasks or keywords. For example, if a user wants to work on a feature related to 'authentication', your app should prioritize and rank files that contain authentication-related code.
4. **Task Focused Contexts**: Enable users to define specific tasks or areas of focus (e.g., bug fixing, feature development). Based on the selected task, your application should automatically generate a context pack that prioritizes relevant files and snippets.
5. **User Interface**: Implement a simple command-line interface where users can interact with the application. Users should be able to input commands such as specifying directories, defining tasks, and viewing context packs.
6. **Documentation**: Provide comprehensive documentation explaining how to install and use the application, including examples of common use cases.
7. **Testing**: Include unit tests to ensure that the application functions correctly under various scenarios, such as different directory structures and varying task definitions.
8. **Customization**: Allow advanced users to customize the ranking algorithm used by 'agentpack-cli' through configuration files.

By following these steps, you'll create a powerful tool that enhances developer efficiency by providing quick access to relevant code snippets and files based on specific tasks.