agentsploit

v1.6.3, verdict: suspicious, score 5.0 (Medium Risk)

Offensive security framework for AI agents and MCP servers

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package has moderate network interaction risk and suspicious metadata, which raises concerns about its legitimacy and potential for supply-chain attacks.

  • Moderate network risk
  • Suspicious metadata with non-HTTPS links and low repository activity

Per-check LLM notes
  • Network: Network calls may be legitimate for an exploit tool to fetch modules or payloads, but warrant scrutiny.
  • Shell: No shell execution patterns detected.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious obfuscation.
  • Credentials: No credential harvesting patterns detected, indicating low risk of secret theft.
  • Metadata: Suspicious non-HTTPS link and low activity on repository suggest potential risks.

📦 Package Quality Overall: Medium (5.4/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • Test runner config found: pyproject.toml

◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://github.com/agentsploit/agentsploit/tree/main/docs
  • Detailed PyPI description (16282 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta

◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 142 type-annotated function signatures detected in source

◈ Medium Multiple Contributors 5.0

Limited contributor diversity

  • 1 unique contributor(s) across 24 commits in agentsploit/agentsploit
  • Single author but highly active (24 commits)

🔬 Heuristic Checks

Outbound Network Calls score 3.0

Found 2 network call pattern(s)

  • get(target) http_client = httpx.AsyncClient( headers=credentials.merged_headers(), timeo
  • try: async with httpx.AsyncClient( verify=credentials.verify_tls,

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links score 2.0

Found 1 suspicious link(s) on the package page

  • Non-HTTPS external link: http://127.0.0.1:8800

Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks

Maintainer History score 4.0

2 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author "AgentSploit Contributors" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agentsploit:

Develop a mini-application named 'AgentDefender' using the Python package 'agentsploit'. This tool aims to help security professionals understand potential vulnerabilities in AI agents and MCP (Multi-Client Protocol) servers by simulating attacks. The application should include the following core functionalities:

1. **Attack Simulation**: Implement various attack scenarios such as denial of service, unauthorized access, and data tampering on AI agents and MCP servers. Use 'agentsploit' to generate payloads and exploit vectors.
2. **Vulnerability Scanning**: Integrate 'agentsploit' to scan for known vulnerabilities in AI agent and MCP server configurations. The application should provide a report detailing any found weaknesses.
3. **Security Assessment Reports**: After running attack simulations and vulnerability scans, 'AgentDefender' should compile detailed reports. These reports should include a summary of findings, severity levels, and recommended actions.
4. **Interactive Interface**: Develop a user-friendly command-line interface (CLI) for 'AgentDefender', allowing users to easily run scans and simulations, view results, and generate reports.
5. **Customizable Attack Profiles**: Allow users to create custom attack profiles within 'AgentDefender'. This feature will enable security teams to tailor their testing based on specific threat models or hypotheses.
6. **Integration with External Tools**: Optionally, explore integrating 'AgentDefender' with external security tools like SIEM systems for real-time monitoring and alerting during tests.

The application should leverage 'agentsploit' for its offensive security capabilities, specifically focusing on how it can be used to identify and mitigate risks associated with AI-driven systems and MCP servers.