agnoclaw

v0.7.5 suspicious
6.0
Medium Risk

A hackable, model-agnostic agent harness built on Agno — with Claude Code's prompt wisdom, OpenClaw's UX patterns, and full Python extensibility

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits significant shell risk due to its ability to manipulate system configurations, which is unusual behavior. While there are no clear signs of malicious intent, the combination of network and shell risks raises concerns about potential unauthorized access or persistence mechanisms.

  • High shell risk indicating potential for system configuration modification
  • Medium network risk suggesting possible unintended communication
Per-check LLM notes
  • Network: The network call to localhost may be intended for local development or testing purposes but could also indicate an attempt at data exfiltration or command and control communication.
  • Shell: The use of shell commands to manage system services suggests the package has capabilities to modify system configurations, which is unusual and could indicate potential for unauthorized system manipulation or persistence mechanisms.
  • Metadata: The author has only one package, which may indicate a new or less active account, but no other red flags are present.

📦 Package Quality Overall: Medium (5.0/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • Test runner config found: pyproject.toml
◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://github.com/yogin16/agnoclaw#readme
  • Detailed PyPI description (30605 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 258 type-annotated function signatures detected in source
◈ Medium Multiple Contributors 5.0

Limited contributor diversity

  • 1 unique contributor(s) across 100 commits in yogin16/agnoclaw
  • Single author but highly active (100 commits)

🔬 Heuristic Checks

Outbound Network Calls score 1.5

Found 1 network call pattern(s)

  • import httpx r = httpx.get("http://localhost:11434/api/tags", timeout=2.0) retu
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • st_path.exists(): subprocess.run(["launchctl", "unload", str(plist_path)], capture_output=Tru
  • t(plist_content) result = subprocess.run(["launchctl", "load", str(plist_path)], capture_output=True,
  • e" if uninstall: subprocess.run(["systemctl", "--user", "stop", service_name], capture_outpu
  • capture_output=True) subprocess.run(["systemctl", "--user", "disable", service_name], capture_ou
  • service_path.unlink() subprocess.run(["systemctl", "--user", "daemon-reload"], capture_output=Tru
  • ite_text(service_content) subprocess.run(["systemctl", "--user", "daemon-reload"], capture_output=Tru
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository yogin16/agnoclaw appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "agnoclaw contributors" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agnoclaw 
Develop a personalized news summarizer app using the 'agnoclaw' package. This app will allow users to input their preferred topics and sources, then provide them with concise summaries of the most relevant articles from those sources. The core functionality includes fetching news articles from various APIs, filtering based on user preferences, and generating summaries using natural language processing techniques. Utilize 'agnoclaw' to create an agent that can adapt its behavior based on user feedback and interactions, making it more accurate and tailored over time. Here’s a step-by-step guide to building this app:

1. **Setup Environment**: Install necessary packages including 'agnoclaw', 'requests', and 'nltk'.
2. **API Integration**: Integrate with news APIs like NewsAPI.org or Google News API to fetch articles.
3. **User Interface**: Design a simple UI where users can select topics (e.g., technology, sports) and specify sources (e.g., CNN, BBC).
4. **Data Processing**: Use 'agnoclaw' to process incoming data, applying filters based on user selections and summarizing content.
5. **Feedback Loop**: Implement a mechanism for users to rate the accuracy and relevance of summaries, which 'agnoclaw' uses to improve future outputs.
6. **Extensibility**: Ensure the app is easily extendable to include more sources or topics as per user demand.
7. **Testing & Deployment**: Test the app thoroughly, then deploy it on a web server or as a desktop application.