Package Metadata

Author: —
Email: Qing <[email protected]>
PyPI: ai-agent-contracts
Python: >=3.12
Versions: 5 releases
First release: 26 Mar 2026, 15:25 UTC
Analysed: 06 Jun 2026, 13:34 UTC
Source files: 61 .py files scanned

Project Links

Documentation Homepage Issues Repository

Classifiers

Development Status :: 4 - BetaIntended Audience :: DevelopersIntended Audience :: Science/ResearchProgramming Language :: Python :: 3Programming Language :: Python :: 3.12Programming Language :: Python :: 3.13Topic :: Scientific/Engineering :: Artificial IntelligenceTopic :: Software Development :: Libraries :: Python Modules

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits significant risks due to shell execution and code obfuscation practices, which could potentially be exploited for malicious activities. However, there are no clear signs of credential harvesting or immediate network vulnerabilities.

High shell risk due to execution of arbitrary Python scripts
Significant obfuscation risk with the use of eval

Per-check LLM notes

Network: Setting a default timeout for network requests is common and not inherently suspicious.
Shell: Executing arbitrary Python scripts from temporary files can pose a risk if the source code or inputs are untrusted, suggesting potential for exploitation.
Obfuscation: The use of eval with obfuscated code is risky and could be used for malicious purposes.
Credentials: No clear signs of credential harvesting detected.
Metadata: The maintainer has a new or inactive account and lacks detailed author information, which could indicate potential unreliability.

📦 Package Quality Overall: Medium (6.6/10)

✦ High Test Suite 9.0

Test suite present — 4 test file(s) found

Test runner config found: pyproject.toml
4 test file(s) detected (e.g. budget_violation_test.py)

◈ Medium Documentation 7.0

Some documentation present

Documentation URL: "Documentation" -> https://github.com/flyersworder/agent-contracts/blob/main/do
Detailed PyPI description (20475 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

Development Status classifier >= Beta

◈ Medium Type Annotations 7.0

Partial type annotation coverage

Type checker (mypy / pyright / pytype) referenced in project
310 type-annotated function signatures detected in source

◈ Medium Multiple Contributors 6.0

Limited contributor diversity

2 unique contributor(s) across 100 commits in flyersworder/agent-contracts
Two distinct contributors found

🔬 Heuristic Checks

⚠ Outbound Network Calls score 1.5

Found 1 network call pattern(s)

T_SOCKET_TIMEOUT_SECONDS = 30 socket.setdefaulttimeout(_DEFAULT_SOCKET_TIMEOUT_SECONDS) # Imports below this line

⚠ Code Obfuscation score 2.0

Found 1 obfuscation pattern(s)

try: return str(eval(expression)) except Exception as e: retu

⚠ Shell / Subprocess Execution score 2.0

Found 1 shell execution pattern(s)

() try: result = subprocess.run( ["python", temp_file], input=test_i

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: gmail.com>

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository flyersworder/agent-contracts appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with ai-agent-contracts

Create a mini-application called 'AI Resource Manager' that leverages the 'ai-agent-contracts' package to manage and govern autonomous AI agents within a system. The application should allow users to define AI agents, set their resource constraints (such as CPU usage, memory limits, etc.), and establish temporal boundaries for their operations. Additionally, the app should provide functionalities to monitor and enforce these contracts in real-time, ensuring that each AI agent adheres to its defined constraints and operates within specified timeframes. Key features of the application include:

1. User-friendly interface for adding new AI agents with customizable resource constraints.
2. Time-bound operations management for each AI agent, allowing users to specify start and end times for tasks.
3. Real-time monitoring dashboard showing the current state of all AI agents, including any violations of their contracts.
4. Notification system for alerting users when an AI agent breaches its resource constraints or exceeds its operational timeframe.
5. Historical data logging for analysis and auditing purposes.

Utilize the 'ai-agent-contracts' package to formalize the governance of AI agents through explicit contracts. This involves defining contract terms for each agent, enforcing these terms during runtime, and handling any breaches according to predefined policies. The application should demonstrate the package's ability to enhance the reliability and transparency of AI systems by clearly delineating the responsibilities and limitations of each autonomous agent.