Package Metadata

Author: AgentSonar
Email: —
PyPI: agentsonar
Python: >=3.10
Versions: 30 releases
First release: 12 Apr 2026, 04:26 UTC
Analysed: 06 Jun 2026, 12:04 UTC
Source files: 61 .py files scanned

Project Links

Classifiers

Development Status :: 4 - BetaIntended Audience :: DevelopersLicense :: OSI Approved :: Apache Software LicenseOperating System :: OS IndependentProgramming Language :: Python :: 3Programming Language :: Python :: 3 :: OnlyProgramming Language :: Python :: 3.10Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.13

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows some potential risks, particularly concerning shell execution and obfuscation techniques, which warrant closer scrutiny before full trust can be established.

Shell risk due to potential benign but unverified shell executions
Obfuscation risk from the use of pickle.loads for deserialization

Per-check LLM notes

Network: No network calls detected, indicating low risk.
Shell: Shell execution seems to be used for version checking and possibly other benign purposes, but requires further investigation into the context and purpose of these commands.
Obfuscation: The use of pickle.loads on engine_dict_bytes could indicate an attempt to hide the structure and content of the data, but it may also be used for legitimate purposes such as deserializing data.
Credentials: No patterns indicative of credential harvesting were found in the provided code snippet.
Metadata: The maintainer has only one package, which may indicate a new or less active account, raising some suspicion but not enough to conclusively label it as malicious.

📦 Package Quality Overall: Medium (5.0/10)

✦ High Test Suite 9.0

Test suite present — 5 test file(s) found

Test runner config found: conftest.py
Test runner config found: pyproject.toml
5 test file(s) detected (e.g. conftest.py)

◈ Medium Documentation 5.0

Some documentation present

Detailed PyPI description (23500 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

Development Status classifier >= Beta

◈ Medium Type Annotations 5.0

Partial type annotation coverage

315 type-annotated function signatures detected in source

○ Low Multiple Contributors 2.0

Single-author or unverifiable project

1 unique contributor(s) across 17 commits in agentsonar/agentsonar
Single author with few commits — possibly a personal or throwaway project

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

⚠ Code Obfuscation score 2.0

Found 1 obfuscation pattern(s)

ry: saved_dict = pickle.loads(engine_dict_bytes) except Exception: l

⚠ Shell / Subprocess Execution score 6.0

Found 3 shell execution pattern(s)

mixups. """ result = subprocess.run( [ sys.executable, "-m",
ort __version__ result = subprocess.run( [sys.executable, "-m", "agentsonar", "--version"],
errors. """ result = subprocess.run( [sys.executable, "-m", "agentsonar"], captu

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

No author email provided

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository agentsonar/agentsonar appears legitimate

⚠ Maintainer History score 2.0

1 maintainer concern(s) found

Author "AgentSonar" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentsonar

Create a mini-application named 'AgentWatcher' that leverages the 'agentsonar' package to monitor and manage multiple AI agents within a distributed system. This application should serve as a comprehensive dashboard for monitoring AI agent activities, ensuring compliance with governance policies, and optimizing costs through intelligent resource allocation.

**Core Features:**
1. **Agent Monitoring:** Real-time tracking of all active AI agents within the system, including their status, last activity timestamp, and any ongoing tasks.
2. **Governance Compliance:** Automated checks against predefined governance rules to ensure each agent adheres to established operational guidelines.
3. **Cost Optimization:** Implementation of a FinOps module that dynamically allocates resources based on agent activity levels, aiming to minimize costs without compromising performance.
4. **Custom Adapters Support:** Integration capabilities for various AI toolkits such as CrewAI, LangGraph, and custom orchestrators, allowing users to extend functionality.
5. **Alert System:** Notification system for critical events like policy violations, unexpected shutdowns, or significant cost overruns.

**How 'agentsonar' is Utilized:**
- Use 'agentsonar' to detect and classify different types of agents in the system, enabling tailored monitoring and management strategies.
- Leverage 'agentsonar' for governance enforcement by defining and applying rules that govern agent behavior, ensuring compliance with organizational standards.
- Implement 'agentsonar' to analyze usage patterns and predict future demand, facilitating proactive cost optimization measures.
- Employ 'agentsonar' to integrate seamlessly with diverse AI frameworks, enhancing the application's flexibility and adaptability.
- Utilize 'agentsonar' for real-time alerting mechanisms, providing immediate notifications on critical system events.

Your task is to design and develop this mini-application from scratch, ensuring it is modular, scalable, and easy to maintain. Additionally, provide detailed documentation and a user guide to facilitate deployment and operation.