ai-prompt-sanitizer

v1.0.1 suspicious
4.0
Medium Risk

Lightweight, tiered, bidirectional PII sanitizer for LLM pipelines

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows no immediate signs of malicious activity such as network calls, shell execution, or obfuscation. However, the missing maintainer information and the new or inactive account raise concerns about its origin and intentions.

  • Missing maintainer information
  • New or inactive maintainer account

Per-check LLM notes
  • Network: No network calls detected, which is normal if the package does not require external communication.
  • Shell: No shell execution patterns detected, indicating the package does not execute system commands.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The maintainer's author name is missing and the account seems new or inactive, raising some suspicion but not conclusive evidence of malice.

📦 Package Quality Overall: Medium (6.0/10)

✦ High Test Suite 9.0

Test suite present — 7 test file(s) found

  • Test runner config found: pyproject.toml
  • 7 test file(s) detected (e.g. test_audit.py)

◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (14758 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta

◈ Medium Type Annotations 7.0

Partial type annotation coverage

  • Classifier: Typing :: Typed
  • 105 type-annotated function signatures detected in source

◈ Medium Multiple Contributors 5.0

Limited contributor diversity

  • 1 unique contributor(s) across 77 commits in jeslor/prompt-sanitizer
  • Single author but highly active (77 commits)

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository jeslor/prompt-sanitizer appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with ai-prompt-sanitizer:
Create a Python-based mini-application named 'ConfidentialChat' which acts as a secure communication tool. This app will allow users to send messages to each other while ensuring that any personally identifiable information (PII) within those messages is sanitized before they are processed by an underlying Large Language Model (LLM). The application should have the following functionalities:

1. User Authentication: Users must sign up and log in to ConfidentialChat. This ensures that only authorized users can send and receive messages.
2. Message Sending & Receiving: Once logged in, users can send messages to other users or groups of users. Messages are stored temporarily until they are read.
3. PII Sanitization: Utilize the 'ai-prompt-sanitizer' package to sanitize any PII found in the messages before they are processed by the LLM. This includes names, phone numbers, addresses, email addresses, and social security numbers.
4. Sanitized Message Display: After processing, display the sanitized version of the message to the recipient, allowing them to see the content without exposing sensitive data.
5. Audit Log: Maintain an audit log of all sanitization activities performed on messages, including timestamps and details of the PII detected and sanitized.
6. User Interface: Develop a simple, intuitive web interface using Flask or Django for users to interact with the application. Ensure that the UI reflects the secure nature of the app with appropriate design elements.
7. Documentation: Provide comprehensive documentation on how to set up and run the application, including instructions for installing necessary packages like 'ai-prompt-sanitizer'.

To utilize 'ai-prompt-sanitizer', integrate it into the backend logic of your application where messages are processed. When a new message is received, pass its content through the sanitizer before sending it to the LLM for further processing. Ensure that the sanitization process is seamless and does not affect the user experience negatively.