agentshield-audit

v1.0.34 suspicious
6.0
Medium Risk

Trust Infrastructure for AI Agents – Security audits, cryptographic certificates, and Trust Handshake Protocol

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits moderate risk due to its network and shell command usage, which, although potentially legitimate, lacks sufficient documentation and verification. The obfuscation and metadata anomalies add to the suspicion.

  • network risk due to external API calls
  • shell execution risk
  • obfuscation through base64 encoding
Per-check LLM notes
  • Network: The package makes network calls to an external API, which could be legitimate but requires verification of the API's purpose and security.
  • Shell: Execution of shell commands may be part of the intended functionality, but it increases risk if not properly sanitized or controlled.
  • Obfuscation: The code uses base64 encoding for signing and decoding operations which could be used to obscure the actual logic or data being processed.
  • Credentials: No clear patterns of credential harvesting were detected.
  • Metadata: The package shows some red flags such as an author with a missing or short name and a new or inactive account, but no concrete evidence of malicious intent.

📦 Package Quality Overall: Medium (5.6/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • 1 test file(s) detected (e.g. echoleak_test.py)
◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://github.com/bartelmost/agentshield/blob/main/docs/API
  • Detailed PyPI description (8592 chars)
○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 76 type-annotated function signatures detected in source
◈ Medium Multiple Contributors 6.0

Limited contributor diversity

  • 2 unique contributor(s) across 31 commits in bartelmost/agentshield
  • Two distinct contributors found

🔬 Heuristic Checks

Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • LD_API self.session = requests.Session() def initiate_audit( self, agent_n
  • ent_id}\n") status = requests.get(f"{API}/trust-handshake/status/{args.handshake_id}").json()
  • al))).decode() res = requests.post(f"{API}/trust-handshake/complete", json={ "handshake
  • try: response = requests.post(url, json=payload, timeout=60) # Increased for cold starts
  • try: response = requests.post( f"{AGENTSHIELD_API}/api/agent-audit/initiate",
  • ure } response = requests.post( f"{AGENTSHIELD_API}/api/agent-audit/challenge",
Code Obfuscation score 10.0

Found 5 obfuscation pattern(s)

  • g = base64.b64encode(key.sign(base64.b64decode(chal))).decode() res = requests.post(f"{API}/trust-
  • eKey private_bytes = base64.b64decode(private_key_b64) private_key = Ed25519PrivateKey.from_pr
  • ry: decoded = base64.b64decode(snippet).decode('utf-8', errors='ignore') #
  • public_bytes = base64.b64decode(public_key) ed_public_key = Ed25519PublicKey.from_pu
  • sig_bytes = base64.b64decode(signature) ed_public_key.verify(sig_bytes, challenge
Shell / Subprocess Execution score 2.0

Found 1 shell execution pattern(s)

  • and try: result = subprocess.run( ['openclaw', '--version'], capture_
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com

Suspicious Page Links

All external links appear legitimate

Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentshield-audit
Create a mini-application called 'AI Agent Auditor' which leverages the 'agentshield-audit' package to perform security audits on AI agents. This application should be able to connect to various AI agents, request a trust handshake, and evaluate the agent's security posture based on provided cryptographic certificates. Here’s how the application should function:

1. **Agent Discovery**: Allow users to input URLs or endpoints where AI agents are hosted.
2. **Trust Handshake Initiation**: Use 'agentshield-audit' to initiate a trust handshake with the AI agent. This involves exchanging cryptographic certificates to verify the identity of both parties.
3. **Security Audit**: Perform a comprehensive security audit using 'agentshield-audit'. This includes checking for vulnerabilities, verifying the integrity of the cryptographic certificates, and ensuring compliance with security standards.
4. **Report Generation**: Once the audit is complete, generate a detailed report that outlines the findings, including any identified risks or vulnerabilities.
5. **Recommendations**: Provide actionable recommendations for improving the security posture of the AI agent.

Suggested Features:
- User-friendly interface for inputting agent details.
- Real-time feedback during the trust handshake process.
- Detailed breakdown of the security audit findings.
- Option to export the audit report in PDF or CSV format.
- Integration with popular AI agent frameworks.

How 'agentshield-audit' is Utilized:
- For initiating the trust handshake protocol and exchanging cryptographic certificates.
- To conduct the security audits, leveraging its built-in tools for vulnerability scanning and certificate verification.
- For generating reports based on the audit results.

This application aims to empower users with the ability to ensure the security and trustworthiness of AI agents they interact with.