agiliti

v0.1.0 suspicious
5.0
Medium Risk

(No description)

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package has a moderate risk score due to potential shell command misuse and metadata inconsistencies. While there's no direct evidence of malicious activity, the unusual usage of subprocess.run and lack of critical metadata raise concerns.

  • shell risk due to subprocess.run usage
  • metadata inconsistencies

Per-check LLM notes

  • Network: No network calls detected, which is normal and not suspicious.
  • Shell: The use of subprocess.run to execute 'agiliti install' commands suggests the package may be intended to manage its own installation or configuration, but could indicate potential risk if the commands are used unexpectedly or with elevated privileges.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious intent.
  • Credentials: No credential harvesting patterns detected, indicating secure handling of sensitive information.
  • Metadata: The package shows several red flags including lack of maintainer history, missing author details, and no PyPI classifiers, indicating low effort or potential malintent.

📦 Package Quality Overall: Low (3.0/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • 1 test file(s) detected (e.g. test_install.py)

○ Low Documentation 1.0

No documentation detected

  • No documentation URL, doc files, or meaningful description found

○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found

◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 48 type-annotated function signatures detected in source

○ Low Multiple Contributors 1.0

Unable to verify contributor count: no GitHub repository found

  • No GitHub repository linked — contributor count unavailable

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 10.0

Found 5 shell execution pattern(s)

  • un_env.update(env) return subprocess.run( cmd, cwd=cwd, env=run_env,
  • ] = str(fake_h) result = subprocess.run( ["agiliti", "install", "--global"], cwd=tmp
  • no_proxy"] = "" result = subprocess.run( ["agiliti", "install"], cwd=tmp_path,
  • in is closed.""" result = subprocess.run( ["agiliti", "install"], cwd=tmp_path,
  • str(fake_h) result_glob = subprocess.run( ["agiliti", "install", "--global"], cwd=tmp

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found

Maintainer History score 8.0

4 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agiliti
Create a Python-based mini-application named 'AgilityTracker' that leverages the 'agiliti' package to manage and visualize sprint cycles within Agile project management methodologies. This application will help teams track their progress through various stages of development, including planning, execution, and review phases. Here are the key functionalities and steps you need to implement:

1. **User Interface**: Develop a simple command-line interface (CLI) that allows users to interact with the application easily.
2. **Sprint Management**: Implement functionality to create new sprints, assign tasks to team members, and update task statuses (e.g., 'To Do', 'In Progress', 'Done'). Use the 'agiliti' package to efficiently manage these operations.
3. **Task Assignment**: Allow users to assign tasks to specific team members and ensure that each task has a clear description, priority level, and estimated completion time.
4. **Progress Visualization**: Integrate a feature to generate visual representations of the sprint's progress, such as pie charts showing completed versus remaining tasks or line graphs indicating daily progress over the sprint duration.
5. **Reporting**: Enable the generation of detailed reports at the end of each sprint, summarizing overall progress, highlighting any bottlenecks, and suggesting areas for improvement.
6. **Integration with External Tools**: If possible, explore integrating 'AgilityTracker' with popular project management tools like JIRA or Trello using APIs, enhancing its utility for real-world projects.

Throughout the development process, utilize the 'agiliti' package's core functionalities to streamline task management and improve overall efficiency. Ensure that the application is user-friendly, robust, and capable of handling multiple concurrent sprints and teams.