agentsecure

v0.1.17 suspicious
8.0
High Risk

Local-first security runtime for AI coding agents

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits multiple high-risk behaviors including shell execution, network connections, and direct credential harvesting, suggesting potential malicious intent. While some elements like base64 obfuscation and metadata anomalies support this suspicion, more investigation is needed to confirm a supply-chain attack.

  • High shell and credential risks
  • Network connections pose significant threat
  • Suspicious metadata and obfuscation techniques

Per-check LLM notes
  • Network: The package establishes network connections which could be used for unauthorized data transmission or command and control communications.
  • Shell: The use of subprocess execution allows the package to run arbitrary commands on the host system, which could be exploited for malicious purposes.
  • Obfuscation: Base64 decoding could be legitimate but may also hide suspicious code or data.
  • Credentials: Directly requesting and reading secrets from user input is highly suspicious and likely indicates an attempt to harvest credentials.
  • Metadata: Suspicious non-HTTPS link and new maintainer account suggest potential risk, but insufficient evidence for high confidence.

📦 Package Quality Overall: Low (3.8/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected

◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (17599 chars)

○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found

◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 308 type-annotated function signatures detected in source

◈ Medium Multiple Contributors 6.0

Limited contributor diversity

  • 2 unique contributor(s) across 37 commits in ShellFrameAI/agentsecure-community
  • Two distinct contributors found

🔬 Heuristic Checks

Outbound Network Calls score 3.0

Found 2 network call pattern(s)

  • ) -> None: upstream = socket.create_connection((host, port), timeout=30) self.send_response(200, "C
  • d.query connection = http.client.HTTPConnection(host, port, timeout=30) try: connection.

Code Obfuscation score 2.0

Found 1 obfuscation pattern(s)

  • try: decoded = base64.b64decode(header[len(prefix) :]).decode("utf-8", "replace") ex

Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • str: try: return subprocess.check_output( ["cat", ".env"], cwd=demo_dir,
  • ] try: process = subprocess.run(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE, tex
  • me == "posix": return subprocess.Popen(argv, env=env, cwd=cwd, stdout=stdout, stderr=stderr, preexe
  • exec_fn=os.setsid) return subprocess.Popen(argv, env=env, cwd=cwd, stdout=stdout, stderr=stderr) def
  • oxy"] = "" process = subprocess.Popen( [real_tool] + args, env=env,
  • sys.argv[1:] raise SystemExit(subprocess.call(argv)) """ % tool [build-system] requires = ["setuptools>=4

Credential Harvesting score 2.5

Found 1 credential access pattern(s)

  • din.read().strip() return getpass.getpass("Real secret: ").strip() def discover_secrets(args: argpar

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links score 2.0

Found 1 suspicious link(s) on the package page

  • Non-HTTPS external link: http://127.0.0.1:8765/providers/openai/v1

Git Repository History

Repository ShellFrameAI/agentsecure-community appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "ShellFrame AI" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentsecure

Develop a secure code review tool named 'CodeGuard' using the Python package 'agentsecure'. This tool will be designed to assist developers in identifying potential security vulnerabilities in their codebases before they are committed to version control systems like Git. The application should provide real-time feedback as users write code, highlighting any insecure practices or potential risks based on predefined security policies.

Key Features:
1. Real-time Code Analysis: As users type, 'CodeGuard' should analyze the code for common security issues such as SQL injection, XSS attacks, and unsafe file operations.
2. Policy-Based Security Checks: Users should be able to define their own security policies, which 'CodeGuard' will use to evaluate the code. These policies could include rules about password storage, encryption usage, and API key management.
3. Secure Storage of Secrets: Implement a feature within 'CodeGuard' that allows developers to securely store secrets such as API keys, database passwords, etc., without exposing them in the code or version control systems.
4. Integration with Version Control Systems: 'CodeGuard' should integrate seamlessly with popular version control systems (e.g., Git), allowing it to automatically scan commits for security issues.
5. Detailed Reports: After analyzing a codebase, 'CodeGuard' should generate comprehensive reports detailing any security issues found, along with recommendations for remediation.

Utilizing 'agentsecure':
- Use 'agentsecure' to establish a local-first security context for the code analysis engine, ensuring that all evaluations are performed securely and locally, without exposing sensitive information to external services.
- Leverage 'agentsecure' to manage the secure storage and retrieval of user-defined policies and secrets, ensuring that this data remains confidential and tamper-proof.
- Integrate 'agentsecure' into the commit scanning process to validate that no unauthorized changes have been made to the security-sensitive parts of the codebase.