AI Analysis
Final verdict: SUSPICIOUS
The package has a moderate risk score due to the potential for shell command execution and concerns over the package metadata.
- Shell risk detected due to potential for executing arbitrary commands.
- Unknown author and low activity in the git repository raise concerns.
Per-check LLM notes
- Network: No network calls detected, which is low risk.
- Shell: Detection of shell execution suggests potential for executing arbitrary commands, indicating some risk.
- Obfuscation: No obfuscation patterns detected, indicating low risk.
- Credentials: No credential harvesting patterns detected, indicating low risk.
- Metadata: The package shows some red flags such as an unknown author and low activity in the git repository, but there's no clear evidence of typosquatting or other malicious intent.
Package Quality Overall: Medium (5.0/10)
◈ Medium
Test Suite
6.0
Partial test coverage signals detected
Test runner config found: pyproject.toml
◈ Medium
Documentation
5.0
Some documentation present
Detailed PyPI description (8585 chars)
○ Low
Contributing Guide
2.0
No contributing guide or governance files found
No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium
Type Annotations
7.0
Partial type annotation coverage
Classifier: Typing :: Typed
Type checker (mypy / pyright / pytype) referenced in project
45 type-annotated function signatures detected in source
◈ Medium
Multiple Contributors
5.0
Limited contributor diversity
1 unique contributor(s) across 78 commits in agentpm-dev/sdk-python
Single author but highly active (78 commits)
Heuristic Checks
Outbound Network Calls
No suspicious network call patterns found
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
score 2.0
Found 1 shell execution pattern(s)
n (cwd = tool_cwd) proc = subprocess.Popen( cmd, cwd=str(tool_cwd), env=env,
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: agentpm.dev
Suspicious Page Links
All external links appear legitimate
Git Repository History
score 2.5
Git history flags: Repository has zero stars and zero forks
Maintainer History
score 4.0
2 maintainer concern(s) found
Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with agentpm
Create a mini-application called 'AgentTaskMaster' using the 'agentpm' Python SDK. This application will serve as a task management tool tailored for project managers and teams, leveraging the capabilities of the 'agentpm' package to streamline task assignment, tracking, and completion processes. Here’s a step-by-step guide on how to develop this application:
1. **Setup Project Environment**: Begin by setting up a new Python virtual environment and installing the 'agentpm' package along with any necessary dependencies.
2. **Design User Interface**: Design a simple yet intuitive command-line interface (CLI) for users to interact with the application. This CLI should allow users to view tasks, add new tasks, update task statuses, and delete completed tasks.
3. **Implement Core Functionality**: Utilize the 'agentpm' package to manage task assignments. Each task should have attributes such as title, description, assigned team member, deadline, and status (e.g., pending, in progress, completed).
4. **Task Management Features**: Implement features that allow for easy task management. Users should be able to filter tasks based on status, assign tasks to specific team members, and set deadlines.
5. **Integration with External Tools**: Explore integrating 'AgentTaskMaster' with external tools like email notifications or calendar applications to keep team members informed about their tasks and deadlines.
6. **User Authentication and Authorization**: Add basic user authentication to ensure that only authorized personnel can access and modify tasks.
7. **Data Persistence**: Ensure that data is stored persistently even after the application is closed. Consider using SQLite or another lightweight database solution.
8. **Testing and Documentation**: Write tests for your application to ensure its reliability and functionality. Also, create comprehensive documentation to guide users through the setup and usage of 'AgentTaskMaster'.
By following these steps, you'll develop a powerful and user-friendly task management application that significantly enhances productivity and organization within teams.