aidial-sdk

v0.37.0 safe
3.0
Low Risk

Framework to create applications and model adapters for AI DIAL

πŸ€– AI Analysis

Final verdict: SAFE

The package shows minimal signs of risk with no evidence of malicious intent or practices. While there are some minor concerns such as network and metadata risks, these do not strongly indicate a supply-chain attack.

  • Low risk of shell execution
  • No obfuscation or credential harvesting detected
  • Minor network and metadata risks
Per-check LLM notes
  • Network: The use of network calls is common for SDKs to communicate with their services, but it should be reviewed if the API endpoints are secure and necessary.
  • Shell: No shell execution patterns were detected.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious code.
  • Credentials: No credential harvesting patterns detected, suggesting safe handling of secrets.
  • Metadata: The presence of a non-HTTPS link and an author with a single package suggests potential risks, but there's no strong evidence of malice.

πŸ“¦ Package Quality Overall: Medium (6.0/10)

β—ˆ Medium Test Suite 6.0

Partial test coverage signals detected

  • Test runner config found: pyproject.toml
β—ˆ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://epam-rail.com/dial_api
  • Detailed PyPI description (6120 chars)
β—‹ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
β—ˆ Medium Type Annotations 5.0

Partial type annotation coverage

  • 200 type-annotated function signatures detected in source
✦ High Multiple Contributors 10.0

Active multi-contributor project

  • 9 unique contributor(s) across 100 commits in epam/ai-dial-sdk
  • Active community β€” 5 or more distinct contributors

πŸ”¬ Heuristic Checks

⚠ Outbound Network Calls score 1.5

Found 1 network call pattern(s)

  • ) async with httpx.AsyncClient() as client: response = await client.request
βœ“ Code Obfuscation

No obfuscation patterns detected

βœ“ Shell / Subprocess Execution

No shell execution patterns detected

βœ“ Credential Harvesting

No credential harvesting patterns detected

βœ“ Typosquatting

No typosquatting candidates detected

βœ“ Registered Email Domain

Email domain looks legitimate: epam.com

⚠ Suspicious Page Links score 2.0

Found 1 suspicious link(s) on the package page

  • Non-HTTPS external link: http://127.0.0.1:5000/openai/deployments/echo/chat/completions
βœ“ Git Repository History

Repository epam/ai-dial-sdk appears legitimate

⚠ Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "EPAM RAIL" appears to have only 1 package on PyPI (new or inactive account)
βœ“ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

πŸ’‘ AI App Starter Prompt

Use this prompt to build a project with aidial-sdk 
Create a conversational agent mini-app using the 'aidial-sdk' package. This app will serve as a bridge between users and AI DIAL models, enabling natural language interactions for various tasks. The mini-app should be capable of handling user queries, processing them through an AI DIAL model, and providing responses in a conversational format. Here’s a detailed breakdown of the project requirements:

1. **Setup Environment**: Begin by installing the necessary packages including 'aidial-sdk'. Ensure your environment supports Python 3.8 or higher.

2. **Application Structure**: Design a modular application structure where each module handles specific functionalities such as input/output handling, model interaction, and response formatting.

3. **User Interface**: Develop a simple yet effective command-line interface (CLI) for interacting with the application. This CLI should accept user inputs and display model-generated outputs.

4. **Model Integration**: Utilize 'aidial-sdk' to integrate with an AI DIAL model. This involves setting up the SDK to communicate with the model API, passing user queries, and receiving responses.

5. **Enhanced Features**:
   - Implement context-aware conversations by maintaining session history.
   - Add support for different types of queries such as information retrieval, task execution, and personalized interactions.
   - Include error handling mechanisms to manage unexpected responses from the model.

6. **Testing & Validation**: Conduct thorough testing to ensure the application functions correctly under various scenarios. Validate the model's responses against expected outcomes.

7. **Documentation**: Provide comprehensive documentation detailing setup instructions, usage guidelines, and any customization options available in the application.

This project leverages the 'aidial-sdk' package to showcase its capabilities in building robust and interactive applications. Focus on creating a seamless user experience while demonstrating the power of AI DIAL models in real-world applications.