agentsloop-cli

v0.1.7 suspicious
4.0
Medium Risk

CLI and TUI for orchestrating agent loops with Gemini CLI and Codex CLI.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package is potentially suspicious due to its attempt to access the default SSH private key file, indicating possible unauthorized credential harvesting. However, it does not exhibit signs of active malicious behavior or network risks.

  • Attempted access to default SSH private key file
  • Author has only one package, suggesting a less active or new account
Per-check LLM notes
  • Network: No network calls detected.
  • Shell: Shell executions are used for git operations and may be part of the package's intended functionality for version control.
  • Obfuscation: No obfuscation patterns detected.
  • Credentials: The code attempts to access the default SSH private key file, which could indicate potential unauthorized credential harvesting unless justified within the context of the application.
  • Metadata: The author has only one package, suggesting a new or less active account which could be suspicious.

📦 Package Quality Overall: Medium (5.4/10)

✦ High Test Suite 9.0

Test suite present — 1 test file(s) found

  • Test runner config found: pyproject.toml
  • 1 test file(s) detected (e.g. test_agentsloop.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (2666 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 176 type-annotated function signatures detected in source
◈ Medium Multiple Contributors 6.0

Limited contributor diversity

  • 2 unique contributor(s) across 4 commits in Thomas97460/AgentsLoop-CLI
  • Two distinct contributors found

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • ository root.""" result = subprocess.run( ["git", "rev-parse", "--show-toplevel"], cw
  • t repository.""" result = subprocess.run( ["git", "branch", "--show-current"], cwd=re
  • err, ): process = subprocess.Popen( ["bash", "-lc", state.config.validation_command
  • eted process.""" result = subprocess.run( ["git", *args], cwd=cwd, env=env,
  • err, ): process = subprocess.Popen( command.args, cwd=cwd,
  • as log_handle: return subprocess.Popen( command, cwd=run_dir, s
Credential Harvesting score 5.0

Found 2 credential access pattern(s)

  • default_key = Path("~/.ssh/id_rsa").expanduser() project_context = ProjectContex
  • l, ssh_key_path=Path("~/.ssh/id_rsa").expanduser(), base_branch="main", loop_li
Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository Thomas97460/AgentsLoop-CLI appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "AgentsLoop CLI contributors" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentsloop-cli 
Create a mini-application named 'AgentOrchestrator' using the Python package 'agentsloop-cli'. This application will serve as a user-friendly interface to manage and orchestrate various agent loops through the command line and terminal user interface (TUI). The goal of 'AgentOrchestrator' is to simplify the process of initiating, monitoring, and managing different agent loops that interact with Gemini and Codex APIs.

Step-by-Step Instructions:
1. Initialize the project structure and install 'agentsloop-cli' along with other necessary dependencies.
2. Design a command-line interface (CLI) that allows users to start, stop, and monitor agent loops.
3. Implement a TUI that visually represents the status of each running agent loop, including metrics like response time and success rate.
4. Integrate support for both Gemini and Codex APIs, allowing users to specify which API they want to use for their agent loops.
5. Add functionality to log all interactions and results from the agent loops into a structured file for later analysis.
6. Ensure the application is robust, handling errors gracefully and providing clear feedback to the user.
7. Document the installation process, configuration steps, and usage examples for new users.

Suggested Features:
- Customizable logging levels (info, warning, error).
- Ability to pause and resume agent loops without restarting them.
- Option to set limits on the number of concurrent agent loops.
- Integration with external tools for real-time monitoring and alerts.
- Support for importing and exporting configurations.

How 'agentsloop-cli' is Utilized:
- Use 'agentsloop-cli' commands to initialize and manage agent loops directly from the CLI.
- Leverage 'agentsloop-cli' to create and customize agent loop configurations easily.
- Employ 'agentsloop-cli' functionalities to integrate with Gemini and Codex APIs seamlessly.
- Rely on 'agentsloop-cli' for handling the backend logic of the agent loops, allowing you to focus on building the frontend UI/UX.