ai-lls-lib

v3.13.1 suspicious
6.0
Medium Risk

Landline Scrubber core library - phone verification and DNC checking

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits moderate risks due to potential unauthorized data transmission and high risk from subprocess execution. While base64 decoding and credential access do not definitively indicate malicious intent, they contribute to the overall suspicion.

  • High shell risk due to subprocess execution
  • Moderate network and credential risks
Per-check LLM notes
  • Network: The network calls may indicate legitimate API interactions but could also be used for unauthorized data transmission.
  • Shell: Subprocess execution can be risky as it allows the package to run arbitrary commands on the host system, potentially leading to system compromise.
  • Obfuscation: Base64 decoding is commonly used for data encoding/decryption and does not necessarily indicate malicious activity.
  • Credentials: Accessing environment variables for AWS credentials can be legitimate but raises suspicion without clear context of usage.
  • Metadata: The maintainer has only one package and lacks PyPI classifiers, suggesting low effort or a new/inactive account.

📦 Package Quality Overall: Low (4.8/10)

✦ High Test Suite 9.0

Test suite present — 1 test file(s) found

  • Test runner config found: pyproject.toml
  • 1 test file(s) detected (e.g. test_stack.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (4952 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 7.0

Partial type annotation coverage

  • Type checker (mypy / pyright / pytype) referenced in project
  • 128 type-annotated function signatures detected in source
○ Low Multiple Contributors 1.0

Unable to verify contributor count: no GitHub repository found

  • No GitHub repository linked — contributor count unavailable

🔬 Heuristic Checks

Outbound Network Calls score 3.0

Found 2 network call pattern(s)

  • n}.{hosted_zone}" resp = httpx.get( f"{base_url}/user", headers={"X-LLS-Key":
  • t self.http_client = httpx.Client(timeout=timeout) def verify_phone(self, phone: str) -
Code Obfuscation score 2.0

Found 1 obfuscation pattern(s)

  • and body: body = base64.b64decode(body).decode("utf-8") if body: strip
Shell / Subprocess Execution score 4.0

Found 2 shell execution pattern(s)

  • ) try: result = subprocess.run(cmd, capture_output=True, text=True) if result.retu
  • "..", "..") result = subprocess.run(cmd, cwd=project_root) if result.returncode == 0:
Credential Harvesting score 2.5

Found 1 credential access pattern(s)

  • self.region = region or os.environ.get("AWS_REGION", "us-east-1") self.profile = profile
Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 4.0

2 maintainer concern(s) found

  • Author "LandlineScrubber Team" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with ai-lls-lib 
Create a comprehensive mini-application named 'PhoneGuard' using the Python package 'ai-lls-lib'. This application will serve as a robust tool for verifying landline numbers and ensuring they comply with Do Not Call (DNC) regulations. PhoneGuard should have a user-friendly interface where users can input landline numbers for verification. Upon submission, the application will utilize the 'ai-lls-lib' package to perform the following tasks:

1. Validate the format of the entered phone number.
2. Check if the phone number is registered on any Do Not Call lists.
3. Provide a report indicating whether the number is valid and compliant with DNC rules.

Additionally, consider adding the following features to enhance the functionality and usability of the application:

- An option to batch-check multiple phone numbers at once.
- A history feature that logs all previous checks with timestamps.
- A graphical user interface (GUI) built with Tkinter or PyQt to make the application more accessible.
- Integration with a simple database (SQLite) to store check results and user inputs securely.
- Error handling to manage invalid inputs gracefully and provide useful feedback.

The application should demonstrate effective use of the 'ai-lls-lib' package, showcasing its capabilities in phone number verification and DNC compliance checking.