AI Analysis
The package exhibits several red flags including potential credential risk, recent repository creation, and rapid commit history, suggesting possible supply-chain attack vectors.
- credential risk due to getpass.getpass usage
- metadata risk with recent repository creation and rapid commit history
Per-check LLM notes
- Network: The package makes network calls to GitHub API, which could be legitimate if it's fetching updates or dependencies.
- Shell: No shell execution patterns detected.
- Obfuscation: The code appears to be using import and string manipulation which could be part of normal package version checking logic, not necessarily malicious obfuscation.
- Credentials: The presence of getpass.getpass indicates handling of sensitive input such as passwords, but without further context, it's unclear if this is for legitimate purposes or potential credential harvesting.
- Metadata: Recent repository creation and rapid commit history suggest potential risk; maintainer has limited package history and incomplete profile.
Package Quality Overall: Low (3.4/10)
No test suite detected
No test files or test-runner configuration detected
Some documentation present
Detailed PyPI description (11508 chars)
No contributing guide or governance files found
Development Status classifier >= Beta
Partial type annotation coverage
52 type-annotated function signatures detected in source
Single-author or unverifiable project
1 unique contributor(s) across 17 commits in yanzhangyanyan/ai-cli
Single author with few commits — possibly a personal or throwaway project
Heuristic Checks
Found 2 network call pattern(s)
- urllib.request req = urllib.request.Request(GITHUB_API, headers={"User-Agent": "aicli"})
- ent": "aicli"}) with urllib.request.urlopen(req, timeout=15) as resp: data = _json.
Found 1 obfuscation pattern(s)
leases/latest" CURRENT = __import__("aicli").__version__ print("aiCLI update\n") try:
No shell execution patterns detected
Found 2 credential access pattern(s)
- None, lambda: getpass.getpass(t("sudo_prompt")), ) def _safe_input(prompt: str)
- try: return getpass.getpass(" [sudo] password: ") except (EOFError, KeyboardIn
No typosquatting candidates detected
No author email provided
All external links appear legitimate
Git history flags:
- Repository created very recently: 6 day(s) ago (2026-05-31T07:46:26Z)
- All 17 commits happened within 24 hours
2 maintainer concern(s) found
- Author name is missing or very short
- Author "" appears to have only 1 package on PyPI (new or inactive account)
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Create a versatile command-line tool named 'AIFileMover' that leverages the 'aicommand' Python package to manage file operations across different systems. This tool should allow users to interact with it using natural language commands, enabling it to understand complex instructions such as moving files between directories, renaming files, deleting files, copying files to remote servers via SSH, and more. The application should support both local and remote operations on Linux and Windows systems, making it highly flexible and useful for system administrators and developers.
Key Features:
1. User-friendly natural language input for specifying file operations.
2. Support for executing commands locally and remotely via SSH on both Linux and Windows.
3. Ability to handle multiple file operations in a single command, such as 'Move all .txt files from directory A to directory B and rename them.'
4. Detailed logging of all actions performed for auditing purposes.
5. Error handling and retry mechanisms for failed commands.
6. Optional verbose mode to provide real-time feedback during command execution.
Steps to Build the Application:
1. Install the required packages including 'aicommand', 'paramiko' for SSH connections, and 'logging' for logging actions.
2. Set up the basic structure of the CLI tool, defining functions for parsing user inputs into actionable commands.
3. Integrate 'aicommand' to interpret natural language inputs into executable shell commands.
4. Implement functionality to connect to remote systems via SSH and execute commands securely.
5. Develop error handling and logging mechanisms to ensure robustness and traceability.
6. Test the application thoroughly with various scenarios to ensure reliability and accuracy.
7. Document the usage instructions and available commands clearly for end-users.
8. Deploy the application and make it available for users to download and use.
Utilizing the 'aicommand' package will streamline the process of translating user instructions into precise command executions, significantly enhancing the usability and efficiency of the 'AIFileMover' tool.