aho-sdk

v0.1.2 suspicious
5.0
Medium Risk

Python SDK for the Aho Verifiable Credentials API

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows low risks in terms of network, shell, and obfuscation activities but has a high metadata risk score due to signs of abandonment or being a throwaway project, which raises concerns about its legitimacy and security.

  • High metadata risk score
  • No immediate technical risks detected

Per-check LLM notes
  • Network: The observed network calls are typical for packages that require internet access to fetch data or communicate with external services.
  • Shell: No shell execution patterns were detected, indicating no immediate risk from this aspect.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious intent.
  • Credentials: No credential harvesting patterns detected, suggesting secure handling of sensitive information.
  • Metadata: The repository shows signs of being abandoned or a throwaway project, increasing suspicion of potential malicious intent.

📦 Package Quality Overall: Medium (5.4/10)

✦ High Test Suite 9.0

Test suite present — 1 test file(s) found

  • Test runner config found: pyproject.toml
  • 1 test file(s) detected (e.g. test_clients.py)

◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://aho.com/docs/sdks/api/python
  • Detailed PyPI description (8431 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta

◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 323 type-annotated function signatures detected in source

○ Low Multiple Contributors 2.0

Single-author or unverifiable project

  • 1 unique contributor(s) across 1 commits in aho-hq/aho-python
  • Single author with few commits — possibly a personal or throwaway project

🔬 Heuristic Checks

Outbound Network Calls score 4.5

Found 3 network call pattern(s)

  • TTP request.""" req = urllib.request.Request(url, data=data, headers=headers, method=method)
  • try: with urllib.request.urlopen(req, timeout=self._timeout) as response:
  • d: self._client = httpx.AsyncClient( timeout=self._timeout, head

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: aho.com

Suspicious Page Links

All external links appear legitimate

Git Repository History score 7.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
  • Very few commits: 1 total
  • Single contributor with only 1 commit(s) — possibly throwaway account

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aho-sdk
Create a verifiable credentials management system using the 'aho-sdk' Python package. This mini-application will allow users to create, issue, verify, and revoke verifiable credentials. The application should include the following features:

1. User Authentication: Implement a simple user authentication system where users can register and log in.
2. Credential Issuance: Users should be able to request and receive verifiable credentials from issuers.
3. Credential Verification: Allow users to verify the authenticity of their own or others' credentials.
4. Credential Revocation: Provide functionality for issuers to revoke issued credentials.
5. User Interface: Develop a basic web interface using Flask or Django for a better user experience.
6. Documentation: Write clear documentation explaining how to use the application and integrate it with other systems.

The 'aho-sdk' package will be used extensively throughout the project. For instance, when issuing a credential, you'll utilize the 'issue_credential' method provided by the SDK. Similarly, verification and revocation functionalities will leverage the SDK's respective methods. Ensure that your implementation is secure and follows best practices for handling sensitive information.