Package Metadata

Author: —
Email: AgentEnv <[email protected]>
PyPI: agv
Python: >=3.10
Versions: 18 releases
First release: 30 Mar 2026, 04:44 UTC
Analysed: 06 Jun 2026, 13:25 UTC
Source files: 61 .py files scanned

Project Links

Documentation Homepage Issues Repository

Classifiers

Development Status :: 3 - AlphaEnvironment :: ConsoleIntended Audience :: DevelopersOperating System :: OS IndependentProgramming Language :: Python :: 3Programming Language :: Python :: 3.10Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Topic :: Software Development :: Libraries :: Python ModulesTopic :: System :: Distributed Computing

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits several indicators of potential risk, including a high metadata risk score due to possible typosquatting and questionable maintainer history. Additionally, there is a medium credential risk associated with retrieving passwords.

High metadata risk due to possible typosquatting
Medium credential risk

Per-check LLM notes

Network: The package uses HTTPX for network requests, which is common for making API calls and checking health status. This does not inherently indicate malicious activity.
Shell: Subprocess calls to external commands like 'vi' for editing configuration files and 'node' for running scripts might be legitimate depending on the package's functionality, but require careful review to ensure they are used safely.
Obfuscation: No obfuscation patterns detected in the provided code snippet.
Credentials: The code attempts to retrieve a password from a keyring service, which could be a legitimate operation but may also indicate potential credential harvesting depending on how it's used.
Metadata: The package shows signs of potential typosquatting and has suspicious maintainer history.
⚠ Typosquatting target: arq

📦 Package Quality Overall: Low (3.2/10)

○ Low Test Suite 1.0

No test suite detected

No test files or test-runner configuration detected

◈ Medium Documentation 7.0

Some documentation present

Documentation URL: "Documentation" -> https://github.com/agentenv/monorepo/tree/main/mintlify_docs
Detailed PyPI description (13631 chars)

○ Low Contributing Guide 2.0

No contributing guide or governance files found

No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found

◈ Medium Type Annotations 5.0

Partial type annotation coverage

977 type-annotated function signatures detected in source

○ Low Multiple Contributors 1.0

Could not retrieve contributor data from GitHub

GitHub API error: 404

🔬 Heuristic Checks

⚠ Outbound Network Calls score 6.0

Found 4 network call pattern(s)

return False with socket.create_connection((host, int(target_port)), timeout=timeout):
mport httpx with httpx.Client() as http_client: url = f"{self.client.base_
= None self._client = httpx.Client( timeout=httpx.Timeout(timeout, connect=10.0),
s.api_url) response = httpx.get(f"{api_url}/v1/health", timeout=10) if response.stat

✓ Code Obfuscation

No obfuscation patterns detected

⚠ Shell / Subprocess Execution score 4.0

Found 2 shell execution pattern(s)

viron.get("EDITOR", "vi") subprocess.call([editor, config_file]) print_success(f"Configuration fi
available() result = subprocess.run( ["node", self.runner_script], input

⚠ Credential Harvesting score 2.5

Found 1 credential access pattern(s)

try: return keyring.get_password(self.KEYRING_SERVICE, keyring_key) except Exception:

⚠ Typosquatting score 3.0

Possible typosquat of: arq

"agv" is 2 edit(s) from "arq"

✓ Registered Email Domain

Email domain looks legitimate: agentenv.io>

✓ Suspicious Page Links

All external links appear legitimate

⚠ Git Repository History score 3.0

Repository not found (deleted or private)

Repository not found (deleted or private)

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with agv

Develop a Python-based mini-application named 'AIWorkloadManager' that leverages the 'agv' package to manage and monitor AI workloads within a cloud environment. This application should allow users to perform various tasks such as creating, starting, stopping, and deleting AI workloads. Additionally, it should provide real-time monitoring of these workloads, including CPU usage, memory consumption, and network activity.

Step 1: Set up the development environment by installing Python and the 'agv' package.
Step 2: Design a user-friendly command-line interface (CLI) that accepts commands for managing workloads.
Step 3: Implement functions to interact with the 'agv' package for creating, starting, stopping, and deleting AI workloads.
Step 4: Integrate real-time monitoring capabilities using the 'agv' package to track workload performance metrics.
Step 5: Add logging functionality to record all operations performed on the workloads.
Step 6: Test the application thoroughly to ensure all features work as expected.
Step 7: Document the code and create a README file explaining how to install and use the application.

Suggested Features:
- Detailed error messages for failed operations.
- Support for multiple cloud environments through configuration files.
- Ability to schedule workload executions at specific times.
- Export workload performance data to CSV files for further analysis.