ai-devsec-gateway

v1.3.2 suspicious
5.0
Medium Risk

Take back control. Intercept, audit, and route your AI traffic.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits moderate risks due to its network and shell execution capabilities, which could potentially be exploited for malicious purposes. However, there is no clear evidence of actual malicious activity.

  • network risk due to external API calls
  • shell risk from potential command injection

Per-check LLM notes

  • Network: The package makes external API calls which could be legitimate but also may indicate data exfiltration or C2 communication.
  • Shell: The use of shell command execution can be legitimate for system monitoring or management but poses a risk of potential command injection and control.
  • Obfuscation: No obfuscation patterns detected in the provided code snippet.
  • Credentials: The code snippet does not indicate any direct credential harvesting activities; it appears to be setting a path variable and defining color constants.
  • Metadata: The maintainer has only one package, which may indicate a new or less active account, raising some suspicion but not conclusive evidence of malice.

📦 Package Quality Overall: Medium (5.8/10)

✦ High Test Suite 9.0

Test suite present — 7 test file(s) found

  • Test runner config found: pyproject.toml
  • 7 test file(s) detected (e.g. test_blocklist.py)

◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://github.com/Akunimal/AI-Router-Blocker-AiO#readme
  • Detailed PyPI description (7736 chars)

○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found

○ Low Type Annotations 1.0

No type annotations detected

  • No type annotations, py.typed marker, or stub files detected

✦ High Multiple Contributors 10.0

Active multi-contributor project

  • 5 unique contributor(s) across 81 commits in Akunimal/AI-Router-Blocker-AiO
  • Active community — 5 or more distinct contributors

🔬 Heuristic Checks

Outbound Network Calls score 7.5

Found 5 network call pattern(s)

  • ontent_length) req = urllib.request.Request(target, data=data, headers=headers, method=method)
  • try: with urllib.request.urlopen(req, timeout=30) as response: self.s
  • de("utf-8") req = urllib.request.Request( "https://api.openai.com/v1/chat/com
  • try: with urllib.request.urlopen(req, timeout=15) as response: re
  • ith patch("ai_blocker.gateway.urllib.request.urlopen") as mock_urlopen: mock_response = MagicMock

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • , proc]) result = subprocess.run(args, capture_output=True, text=True, **kwargs)
  • ll"] + active subprocess.run(args, capture_output=True, text=True, **kwargs)
  • indows": result = subprocess.run(["tasklist", "/NH"], capture_output=True, text=True, **kwarg
  • else: result = subprocess.run(["ps", "-A", "-o", "comm="], capture_output=True, text=True,
  • _OS == "Windows": subprocess.run(["ipconfig", "/flushdns"], capture_output=True, **kwargs)
  • T_OS == "Darwin": subprocess.run(["dscacheutil", "-flushcache"], capture_output=True, **kwarg

Credential Harvesting score 2.5

Found 1 credential access pattern(s)

  • ) else: HOSTS_PATH = "/etc/hosts" # Catppuccin Mocha colors COL_BASE = "#1E1E2E" COL_S

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository Akunimal/AI-Router-Blocker-AiO appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Akunimal" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with ai-devsec-gateway:
Create a fully-functional mini-application called 'AI Traffic Auditor' using the Python package 'ai-devsec-gateway'. This application will serve as a tool for developers and security analysts to monitor, intercept, and analyze their AI traffic in real-time. The application should have the following functionalities:

1. **Real-Time Monitoring**: Allow users to connect to a specified AI service endpoint and start monitoring its traffic in real-time.
2. **Interception and Audit**: Provide the ability to intercept requests and responses passing through the AI service, allowing users to inspect them before they reach their destination.
3. **Traffic Analysis**: Implement a feature to log intercepted traffic data into a database or file system for later analysis.
4. **Customizable Rules Engine**: Enable users to define custom rules for traffic interception based on specific criteria such as request content, response status codes, etc.
5. **Security Alerts**: Set up mechanisms to trigger alerts when certain security conditions are met, such as detecting unusual traffic patterns or unauthorized access attempts.
6. **User Interface**: Develop a simple web-based UI for easy interaction with the application, including connecting/disconnecting from AI services, viewing logs, and managing rules.

Utilize the 'ai-devsec-gateway' package to handle the core functionalities of traffic interception, auditing, and routing. Ensure the application is well-documented and includes instructions for installation and setup.