agience-flare-dkg-integration

v0.4.0 safe
4.0
Medium Risk

Governed authoring layer above DKG v10: commit-gated Agience artifacts, policy-controlled projection, FLARE confidentiality, typed agience: RDF Knowledge Assets.

🤖 AI Analysis

Final verdict: SAFE

The package exhibits minimal risks across all categories with no signs of malicious behavior. While it has a low maintainer activity level, there is no evidence to suggest a supply-chain attack.

  • Low network risk
  • No shell execution or obfuscation detected
  • Safe handling of credentials
Per-check LLM notes
  • Network: Network calls are typical for packages needing to fetch data from external sources, but should be reviewed for legitimacy and necessity.
  • Shell: No shell execution patterns detected, which is expected and safe.
  • Obfuscation: No obfuscation patterns detected, suggesting legitimate use without risk of malicious obfuscation.
  • Credentials: No credential harvesting patterns detected, indicating safe handling of secrets and credentials.
  • Metadata: The package shows signs of low maintainer activity and metadata quality, but there are no clear indications of malicious intent.

📦 Package Quality Overall: Low (4.6/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • Test runner config found: pyproject.toml
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (3566 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 34 type-annotated function signatures detected in source
◈ Medium Multiple Contributors 5.0

Limited contributor diversity

  • 1 unique contributor(s) across 32 commits in Muffinman75/agience-flare-dkg-integration
  • Single author but highly active (32 commits)

🔬 Heuristic Checks

Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • try: with httpx.Client(timeout=self._timeout) as http: r = http.get
  • nse. """ with httpx.Client(timeout=self._timeout) as http: init_r = http.po
  • cp-session-id") with httpx.Client(timeout=httpx.Timeout(self._timeout, read=None)) as http:
  • try: with httpx.Client(timeout=5.0) as http: r = http.get(f"{self.b
  • Dict[str, Any]: with httpx.Client(timeout=self._timeout) as http: r = http.post(f"
  • Dict[str, Any]: with httpx.Client(timeout=self._timeout) as http: r = http.get(f"{
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: outlook.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository Muffinman75/agience-flare-dkg-integration appears legitimate

Maintainer History score 6.0

3 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agience-flare-dkg-integration 
Build a simple Python application using the agience-flare-dkg-integration package to demonstrate its core features.