ai-dev-harness

v0.2.2 safe
3.0
Low Risk

Multi-harness AI coding tool config inspector — scan, visualize, and audit AI assistant ecosystems.

🤖 AI Analysis

Final verdict: SAFE

The package ai-dev-harness v0.2.2 exhibits low risk in terms of network, shell, and obfuscation activities. There is no evidence of malicious behavior within the package.

  • No network calls detected.
  • Repository not found and maintainer has only one package.
Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package requires internet access for its functionality.
  • Shell: No shell execution detected, reducing the risk of command injection or system compromise.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The repository is not found and the maintainer has only one package, which may indicate low activity or a new account.

📦 Package Quality Overall: Low (4.4/10)

✦ High Test Suite 9.0

Test suite present — 7 test file(s) found

  • 7 test file(s) detected (e.g. test_claude_code_harness.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (1795 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 92 type-annotated function signatures detected in source
○ Low Multiple Contributors 1.0

Could not retrieve contributor data from GitHub

  • GitHub API error: 404

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History score 3.0

Repository not found (deleted or private)

  • Repository not found (deleted or private)
Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Boris Villazon-Terrazas" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with ai-dev-harness 
Create a Python-based mini-application named 'AIInspector' that leverages the 'ai-dev-harness' package to provide developers with a comprehensive toolset for inspecting, visualizing, and auditing their AI assistant ecosystems. This application should be user-friendly and capable of performing the following tasks:

1. **Scan Ecosystems**: Develop a feature within 'AIInspector' that allows users to input paths to directories containing AI assistant configurations and codebases. The application should scan these directories and identify all relevant components of the AI ecosystem, such as models, APIs, scripts, and other dependencies.

2. **Visualize Dependencies**: Implement a visualization module that generates graphical representations of the dependencies between different components within the scanned AI ecosystems. This could include dependency graphs, network diagrams, or any other form of visualization that clearly illustrates how various parts of the ecosystem interact.

3. **Audit Compliance**: Integrate an audit functionality that checks the scanned AI ecosystems against predefined compliance standards or best practices. Users should be able to customize these standards according to their needs. The audit results should highlight areas of non-compliance and suggest improvements.

4. **Generate Reports**: Enable 'AIInspector' to produce detailed reports summarizing the findings from the scans, visualizations, and audits. These reports should be easily readable and exportable in formats like PDF or HTML.

5. **User Interface**: While primarily command-line driven, consider adding a simple GUI interface using Tkinter or a similar toolkit to make the application more accessible to users who may not be comfortable with command-line interfaces.

The 'ai-dev-harness' package will be crucial in facilitating the scanning process, providing the necessary tools and utilities to efficiently parse and analyze the AI ecosystems. It will also aid in the visualization and audit functionalities by offering pre-built modules and functions tailored for these tasks. Your goal is to create a versatile and powerful tool that simplifies the management and optimization of AI assistant ecosystems.