agi-apps

v2026.6.4 suspicious
5.0
Medium Risk

AGILAB public app package umbrella and example assets

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows low risks in terms of network, shell, obfuscation, and credential handling, but its newness and the limited history of the maintainer raise concerns about potential supply-chain attacks.

  • New package with limited maintainer history
  • Use of shell execution for command version checks needs further investigation
Per-check LLM notes
  • Network: No network calls detected, which is normal and expected.
  • Shell: Shell execution appears to be used for command version checks, indicating benign use but requires further investigation into the specific commands executed.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package is new and the maintainer has limited history with PyPI, which could indicate potential risk.

📦 Package Quality Overall: Medium (6.4/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • Test runner config found: pyproject.toml
◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://thalesgroup.github.io/agilab
  • Detailed PyPI description (2053 chars)
○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 142 type-annotated function signatures detected in source
✦ High Multiple Contributors 10.0

Active multi-contributor project

  • 5 unique contributor(s) across 69 commits in ThalesGroup/agilab
  • Active community — 5 or more distinct contributors

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 4.0

Found 2 shell execution pattern(s)

  • try: completed = subprocess.run( [command, "--version"], check=False
  • try: completed = subprocess.run(command, check=False, env=_child_uv_env()) except OSErro
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository ThalesGroup/agilab appears legitimate

Maintainer History score 6.0

3 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Package is very new: uploaded 3 day(s) ago
  • Author "Jean-Pierre Morard" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agi-apps 
Create a weather forecasting mini-app using the Python package 'agi-apps'. This app should provide users with current weather conditions and forecasts for any city they input. The application will utilize 'agi-apps' for its core functionalities, such as data fetching and processing, which are essential for integrating external APIs and handling geographic data efficiently.

Step-by-Step Guide:
1. **Setup Project Environment**: Initialize a new Python project and install the necessary packages including 'agi-apps'.
2. **API Integration**: Use 'agi-apps' to integrate with a weather API (such as OpenWeatherMap). Configure the API key and set up functions to fetch current weather data and forecast information based on user inputs.
3. **User Interface**: Develop a simple command-line interface (CLI) where users can enter their city name and choose between viewing current weather conditions or a forecast. Implement error handling for invalid inputs.
4. **Data Display**: Utilize 'agi-apps' features to process and display the fetched data in a readable format. Include details like temperature, humidity, wind speed, and forecasted weather conditions for the next few days.
5. **Geolocation Features**: Enhance the app by allowing users to find their location automatically (using IP geolocation services) and display the local weather without needing to manually input a city name.
6. **Scheduling Updates**: Implement a feature that allows users to schedule regular updates of weather conditions and forecasts at specific intervals (e.g., every hour).
7. **Testing & Deployment**: Thoroughly test the application to ensure all features work correctly. Deploy the application to a cloud service (like AWS or Heroku) so it can be accessed via a web interface or CLI from anywhere.

Suggested Features:
- Interactive CLI for easy user interaction.
- Real-time weather updates.
- Detailed weather forecasts for up to 7 days.
- Geolocation support for automatic location detection.
- User-friendly data presentation.
- Scheduled updates for continuous monitoring of weather changes.

How 'agi-apps' is Utilized:
- For fetching and parsing weather data from external APIs.
- For handling geographic data to accurately determine and display location-specific information.
- For scheduling tasks to automate regular weather updates.
- For processing and formatting the retrieved data into a user-readable format.