ai-forge-cli

v3.0.2 suspicious
5.0
Medium Risk

Forge V4 architecture context CLI

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package has no signs of obfuscation or credential harvesting, but its low maintenance effort and lack of proper author identification raise concerns about potential supply-chain risks.

  • Low maintenance effort
  • Lack of proper author identification
Per-check LLM notes
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious obfuscation.
  • Credentials: No credential harvesting patterns detected, indicating low risk of secret theft.
  • Metadata: The package shows low maintenance effort and lacks a proper author identification, which raises some suspicion but does not conclusively indicate malice.

📦 Package Quality Overall: Low (4.4/10)

✦ High Test Suite 9.0

Test suite present — 2 test file(s) found

  • Test runner config found: pyproject.toml
  • 2 test file(s) detected (e.g. test_context.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (4836 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 270 type-annotated function signatures detected in source
○ Low Multiple Contributors 1.0

Unable to verify contributor count: no GitHub repository found

  • No GitHub repository linked — contributor count unavailable

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 8.0

Found 4 shell execution pattern(s)

  • .exists(): return subprocess.run([sys.executable, str(SYNC_SCRIPT)], check=True) class buil
  • f system == "Darwin": subprocess.run(["open", target], check=False) elif system == "Windows":
  • system == "Windows": subprocess.run(["cmd", "/c", "start", "", target], check=False) else:
  • heck=False) else: subprocess.run(["xdg-open", target], check=False) def _template_text(file
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 6.0

3 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with ai-forge-cli 
Your task is to develop a command-line interface (CLI) tool using the 'ai-forge-cli' package, which simplifies the process of setting up and managing projects based on the Forge V4 architecture context. This tool will serve as a quick and efficient way for developers to bootstrap their projects with the necessary configurations and integrations provided by Forge V4. Your goal is to create a fully functional mini-app that allows users to easily start new projects, manage existing ones, and integrate various services directly from the terminal.

Steps to follow:
1. Install the 'ai-forge-cli' package using pip.
2. Create a main CLI script that initializes a new Forge V4 project when the user runs `forge init`.
3. Implement commands to add, remove, and update services within the project context.
4. Ensure the CLI provides clear and concise feedback during operations, including error messages and success notifications.
5. Integrate help and versioning functionalities into your CLI for better usability.
6. Test your CLI thoroughly to ensure it works as expected across different scenarios.

Suggested Features:
- Ability to specify project templates during initialization.
- Support for adding custom services not included in the default set.
- Configuration management for different environments (development, staging, production).
- Integration with popular cloud providers for easy deployment.
- Detailed logging and reporting capabilities.

How 'ai-forge-cli' is Utilized:
- Use 'ai-forge-cli' to handle the setup and configuration of Forge V4 contexts.
- Leverage its capabilities to streamline the integration of various services into the project.
- Employ its API to manage project files and directories according to Forge V4 standards.
- Utilize 'ai-forge-cli' for version control and compatibility checks within the project context.