agentwright

v0.1.0 suspicious
4.0
Medium Risk

agentwright: typed, composable primitives for building, validating, and running AI agents.

πŸ€– AI Analysis

Final verdict: SUSPICIOUS

The package shows some potential red flags, particularly concerning metadata and shell execution risks, but lacks clear indicators of malicious behavior.

  • Metadata risk due to recent repository creation, low activity, and single contributor.
  • Shell execution risk due to use of 'subprocess.run' with 'shell=True'.
Per-check LLM notes
  • Network: No network calls detected, which is neutral from a risk perspective.
  • Shell: Shell execution with 'subprocess.run' and 'shell=True' can introduce risks if the commands executed are not controlled or sanitized, potentially leading to security vulnerabilities.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious obfuscation.
  • Credentials: No credential harvesting patterns detected, indicating low risk of credential theft.
  • Metadata: The repository and maintainer history indicate potential red flags such as recent creation, low activity, and single contributor, suggesting possible malicious intent.

πŸ“¦ Package Quality Overall: Medium (5.4/10)

✦ High Test Suite 9.0

Test suite present β€” 15 test file(s) found

  • Test runner config found: pyproject.toml
  • 15 test file(s) detected (e.g. test_agent_consumer.py)
β—ˆ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (10404 chars)
β—‹ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
β—ˆ Medium Type Annotations 7.0

Partial type annotation coverage

  • Classifier: Typing :: Typed
  • 163 type-annotated function signatures detected in source
β—‹ Low Multiple Contributors 2.0

Single-author or unverifiable project

  • 1 unique contributor(s) across 1 commits in abrahamjunzou/agentwright
  • Single author with few commits β€” possibly a personal or throwaway project

πŸ”¬ Heuristic Checks

βœ“ Outbound Network Calls

No suspicious network call patterns found

βœ“ Code Obfuscation

No obfuscation patterns detected

⚠ Shell / Subprocess Execution score 4.0

Found 2 shell execution pattern(s)

  • try: proc = subprocess.run( command, shell=True,
  • command, shell=True, cwd=str(work), capture_out
βœ“ Credential Harvesting

No credential harvesting patterns detected

βœ“ Typosquatting

No typosquatting candidates detected

βœ“ Registered Email Domain

Email domain looks legitimate: gmail.com>

βœ“ Suspicious Page Links

All external links appear legitimate

⚠ Git Repository History score 10.0

Git history flags: Repository created very recently: 4 day(s) ago (2026-06-02T00:55:48Z)

  • Repository created very recently: 4 day(s) ago (2026-06-02T00:55:48Z)
  • Repository has zero stars and zero forks
  • Very few commits: 1 total
  • Single contributor with only 1 commit(s) β€” possibly throwaway account
⚠ Maintainer History score 6.0

3 maintainer concern(s) found

  • Only one version has ever been released β€” brand new package
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
βœ“ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

πŸ’‘ AI App Starter Prompt

Use this prompt to build a project with agentwright 
Your task is to develop a mini-application that helps users manage and validate simple AI agents using the 'agentwright' Python package. This tool will allow users to define, validate, and run AI agents with ease. Here’s a step-by-step guide on what your application should do:

1. **Setup**: Ensure your environment is set up correctly with all necessary packages installed, including 'agentwright'.
2. **Agent Definition**: Allow users to define their own AI agents through a user-friendly interface or configuration file. Each agent should have specific attributes like name, description, input/output types, etc.
3. **Validation**: Implement a feature to validate the defined agents based on the rules provided by 'agentwright'. This ensures that each agent meets certain criteria before it can be run.
4. **Execution**: Once validated, provide functionality to execute these agents. Users should be able to see the output of the agents they've created or imported.
5. **Results Visualization**: Offer a way to visualize the results of the executed agents, such as graphs or tables, to help users understand the performance of their agents better.
6. **Documentation & Help**: Include comprehensive documentation and a help section to guide users through the process of defining, validating, and running agents.

**Suggested Features**:
- Support for multiple agent definitions within a single project.
- Integration with popular machine learning frameworks to enhance agent capabilities.
- Real-time validation feedback during agent definition.
- Export/import functionalities for agent definitions.
- User-friendly GUI or CLI options for interaction.

**How to Utilize 'agentwright'**:
- Use 'agentwright' to define the structure and types of your agents.
- Leverage its validation capabilities to ensure that the agents meet the specified criteria.
- Employ 'agentwright' to run and manage the execution of the agents.

By following these guidelines, you'll create a powerful yet easy-to-use tool for managing AI agents.