ai-runtime-guard

v2.3.1 | suspicious | 6.0 | Medium Risk

MCP security wrapper with policy tiers, approvals, backup, and audit.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits high risks related to shell execution and credential harvesting, which could lead to significant security breaches. However, there is no clear evidence of malicious intent beyond these specific risks.

  • High shell risk indicating potential for unintended behavior
  • High credential risk suggesting intent to access sensitive files
Per-check LLM notes
  • Network: Network calls could be legitimate if the package is designed for external communication, but may indicate unauthorized access if not documented.
  • Shell: Execution of shell commands can be high risk, especially if they modify system configurations or install packages, suggesting potential for unintended behavior or security vulnerabilities.
  • Obfuscation: No obfuscation patterns detected.
  • Credentials: High risk of credential harvesting; paths listed suggest intent to access sensitive files.
  • Metadata: The author's information is incomplete, suggesting potential unreliability.

📦 Package Quality Overall: Medium (5.8/10)

✦ High Test Suite 9.0

Test suite present — 16 test file(s) found

  • 16 test file(s) detected (e.g. test_agent_configs.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (7077 chars)
○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 499 type-annotated function signatures detected in source
◈ Medium Multiple Contributors 6.0

Limited contributor diversity

  • 2 unique contributor(s) across 100 commits in runtimeguard/runtime-guard
  • Two distinct contributors found

🔬 Heuristic Checks

Outbound Network Calls score 4.5

Found 3 network call pattern(s)

  • > bool: try: with socket.create_connection((host, port), timeout=timeout): return True
  • ', 'unknown')}" request = urllib.request.Request( endpoint, data=body, method
  • , ) try: with urllib.request.urlopen(request, timeout=timeout_seconds) as response:
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • ted in checks: proc = subprocess.run( [codex_bin, "execpolicy", "check", "--rules", s
  • i_dir} ...") try: subprocess.run(["npm", "install"], cwd=str(ui_dir), check=True) sub
  • (ui_dir), check=True) subprocess.run(["npm", "run", "build"], cwd=str(ui_dir), check=True) ex
  • .ai-runtime-guard.ui" subprocess.run(["launchctl", "bootout", f"gui/{uid}/{label}"], check=False)
  • abel}"], check=False) subprocess.run(["launchctl", "bootstrap", f"gui/{uid}", str(plist_path)], c
  • t_path)], check=True) subprocess.run(["launchctl", "kickstart", "-k", f"gui/{uid}/{label}"], chec
Credential Harvesting score 2.5

Found 1 credential access pattern(s)

  • "paths": [".env", ".ssh", "/etc/passwd", "activity.log", "approvals.db", "approvals.db.hmac.key"],
Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository runtimeguard/runtime-guard appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with ai-runtime-guard:

Create a secure AI model deployment system called 'GuardedAI' using the Python package 'ai-runtime-guard'. This system will serve as a platform for deploying machine learning models in a production environment while ensuring they operate within predefined security policies. The application should include the following functionalities:

1. **Model Deployment**: Users can upload their trained ML models into the system.
2. **Policy Configuration**: Define different levels of access control and operational policies for each deployed model. These policies should cover aspects like data input/output restrictions, operational hours, and allowed user interactions.
3. **Approval Mechanism**: Implement a tiered approval process where certain actions (like changing model parameters or accessing sensitive data) require higher-level permissions.
4. **Backup and Recovery**: Ensure that all deployed models have automated backups and a recovery mechanism in case of failure.
5. **Audit Logs**: Maintain comprehensive logs of all activities related to the models, including who accessed them, when, and what changes were made.
6. **User Interface**: Develop a simple web-based interface where users can manage their models and view audit logs.
7. **Integration with 'ai-runtime-guard'**: Utilize the 'ai-runtime-guard' package to enforce security policies during runtime. For example, use its approval mechanisms to control who can modify model configurations and its audit capabilities to track usage.

Your task is to design and implement 'GuardedAI', focusing on integrating 'ai-runtime-guard' effectively to ensure that all deployed models comply with the set security standards. Provide documentation on how to install and configure the system, as well as guidelines for setting up and managing policies.