aicu-scanner

v0.8.1 suspicious
8.0
High Risk

LLM application security testing framework — prompt injection, multimodal attacks, safety bypass, and indirect injection scanner

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits multiple red flags including high risks related to credential harvesting and obfuscation techniques, suggesting potential malicious intent. However, without concrete evidence of harmful behavior, it cannot be definitively classified as malicious.

  • high credential risk
  • obfuscation techniques
Per-check LLM notes
  • Network: The package makes network calls without verifying SSL certificates, which could be risky but might also be intended for testing or specific use cases.
  • Shell: Execution of shell commands with timeouts suggests the package may execute external processes, potentially for scanning purposes, which is concerning if not properly documented and controlled.
  • Obfuscation: The presence of base64 decoding and SQL injection patterns suggests potential code obfuscation or evasion techniques, which may indicate malicious intent.
  • Credentials: The detection of patterns accessing sensitive files like /etc/passwd and /etc/shadow, along with SSRF vulnerabilities, strongly indicates an attempt to harvest credentials or sensitive information.

📦 Package Quality Overall: Medium (5.4/10)

✦ High Test Suite 9.0

Test suite present — 1 test file(s) found

  • Test runner config found: conftest.py
  • Test runner config found: pyproject.toml
  • 1 test file(s) detected (e.g. conftest.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (7463 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 230 type-annotated function signatures detected in source
◈ Medium Multiple Contributors 6.0

Limited contributor diversity

  • 2 unique contributor(s) across 95 commits in Jake-Schoellkopf/aicu
  • Two distinct contributors found

🔬 Heuristic Checks

Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • ies, req_file) session = httpx.Client(proxy=proxy, verify=False, timeout=60, http2=True) resu
  • print("=" * 70) client = httpx.Client(proxy=PROXY, verify=False, timeout=60, http2=True) resul
  • int.""" try: with httpx.Client(timeout=10.0, follow_redirects=True) as client:
  • float = 0.7) -> str: with httpx.Client(timeout=30) as client: resp = client.post(
  • count) try: with httpx.Client(timeout=45) as client: resp = client.post(
  • try: with httpx.Client(timeout=60) as client: resp = client.post(ur
Code Obfuscation score 10.0

Found 6 obfuscation pattern(s)

  • ry: decoded = base64.b64decode(match.group(0)).decode("utf-8", errors="ignore")
  • ction", "pattern": re.compile(r"""(?:execute|cursor\.execute|query)\s*\(\s*f?['"]\s*(?:SELECT|INSERT|UPDATE|DELETE|DR
  • ction", "pattern": re.compile(r"""(?:execute|query)\s*\(\s*['"].*['"]\s*\+\s*"""), "reason":
  • ction", "pattern": re.compile(r"""(?:exec|eval)\s*\(\s*(?:request|input|user|data|params)""", re.IGNO
  • JFIF marker) app0 = b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00" img += b"\xFF\xE0" + struct.pack(">H", len(app0) + 2)
  • ">BHH", 8, height, width) + b"\x03\x01\x11\x00\x02\x11\x01\x03\x11\x01" img += b"\xFF\xC0" + struct.pack(">H", len(sof) + 2) +
Shell / Subprocess Execution score 4.0

Found 2 shell execution pattern(s)

  • try: result = subprocess.run(cmd, capture_output=True, text=True, timeout=300)
  • try: result = subprocess.run(cmd, capture_output=True, text=True, timeout=120)
Credential Harvesting score 10.0

Found 6 credential access pattern(s)

  • "/mnt/user-data/uploads/../../etc/passwd"}}, {"id": "FU-002", "name": "/proc/self/environ via pa
  • "path": "file:///etc/passwd"}}, {"id": "FU-004", "name": "SSRF via IMDS URL in path
  • ment": {"file_name": "../../../etc/shadow", "file_type": "text/plain", "file_size": 100,
  • mnt/user-data/uploads/../../../etc/shadow"}}, {"id": "FU-007", "name": "Command injection in file
  • chment": {"file_name": "$(cat /etc/passwd).txt", "file_type": "text/plain", "file_size": 50,
  • "/mnt/user-data/uploads/$(cat /etc/passwd).txt"}}, {"id": "FU-008", "name": "IDOR - access anothe
Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Jake Schoellkopf" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aicu-scanner 
Create a fully-functional mini-application named 'SecurityGuard' using the Python package 'aicu-scanner'. This application will serve as a comprehensive tool for developers to test the security of their applications against various forms of AI-driven attacks such as prompt injection, multimodal attacks, safety bypass, and indirect injection. SecurityGuard should provide an intuitive interface where users can input details about their application and choose from different types of security tests. The application should also generate a detailed report after each test, highlighting vulnerabilities and suggesting improvements.

Steps to develop SecurityGuard:
1. Install and import the 'aicu-scanner' package in your Python environment.
2. Design a user-friendly command-line interface (CLI) that allows users to select the type of security test they want to perform.
3. Implement functions within SecurityGuard that utilize 'aicu-scanner' to scan the target application according to the selected test type.
4. Develop a reporting system that compiles and presents the findings from the scans in a structured format, including severity levels and recommendations for mitigation.
5. Integrate an option for users to save and review past scan reports for tracking improvements over time.

Suggested Features:
- Support for multiple test types (prompt injection, multimodal attacks, etc.)
- Customizable test configurations to suit different application environments
- Real-time feedback during the scanning process
- Detailed documentation and examples for end-users

Utilization of 'aicu-scanner': Throughout the development of SecurityGuard, you will leverage 'aicu-scanner' to execute the security tests chosen by the user. This includes configuring the scanner settings based on user inputs, initiating scans, and processing the results returned by 'aicu-scanner' to generate meaningful insights and reports.