aiel-sdk

v1.8.0 suspicious
4.0
Medium Risk

AI Execution Layer SDK (contracts + registry + decorators) with curated facades.

πŸ€– AI Analysis

Final verdict: SUSPICIOUS

The package exhibits moderate risk due to its low maintenance efforts and potential improper credential handling, though direct malicious intent is not confirmed.

  • Low effort and sparse maintainer history
  • Credentials retrieved from OS keyring without clear necessity
Per-check LLM notes
  • Network: The observed network patterns are typical for packages that make HTTP requests, suggesting it's intended to interact with external services.
  • Shell: No shell execution patterns detected, indicating no immediate risk related to shell command execution.
  • Obfuscation: No obfuscation patterns detected.
  • Credentials: The code attempts to retrieve credentials from the OS keyring, which could be legitimate for authentication purposes but should be reviewed for proper handling and necessity.
  • Metadata: The package shows low effort and lack of maintainer history which raises some concerns.

πŸ“¦ Package Quality Overall: Low (2.8/10)

β—‹ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected
β—ˆ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (28120 chars)
β—‹ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
β—ˆ Medium Type Annotations 5.0

Partial type annotation coverage

  • 151 type-annotated function signatures detected in source
β—‹ Low Multiple Contributors 1.0

Unable to verify contributor count: no GitHub repository found

  • No GitHub repository linked β€” contributor count unavailable

πŸ”¬ Heuristic Checks

⚠ Outbound Network Calls score 6.0

Found 4 network call pattern(s)

  • ncode("utf-8") req = urllib.request.Request(url, data=data, headers=headers, method=method)
  • try: with urllib.request.urlopen(req, timeout=self.timeout) as resp:
  • quest_header_casing( req: urllib.request.Request, headers: Mapping[str, str] ) -> None: """ u
  • try: req = urllib.request.Request(url, data=data, headers=merged_headers, method=metho
βœ“ Code Obfuscation

No obfuscation patterns detected

βœ“ Shell / Subprocess Execution

No shell execution patterns detected

⚠ Credential Harvesting score 5.0

Found 2 credential access pattern(s)

  • None try: return keyring.get_password(service, username) except Exception: return None
  • EN` 3) OS keyring entry (via `keyring.get_password("aiel", "default")`) when available If no token is found, r
βœ“ Typosquatting

No typosquatting candidates detected

βœ“ Registered Email Domain

Email domain looks legitimate: gmail.com>

βœ“ Suspicious Page Links

All external links appear legitimate

βœ“ Git Repository History

No GitHub repository linked

  • No GitHub repository link found
⚠ Maintainer History score 6.0

3 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
βœ“ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

πŸ’‘ AI App Starter Prompt

Use this prompt to build a project with aiel-sdk 
Develop a mini-application that leverages the 'aiel-sdk' Python package to create a smart contract-based task management system. This application will allow users to register tasks, execute them under certain conditions, and track their status using smart contracts. Here’s a detailed breakdown of the steps and features to include:

1. **User Registration**: Allow users to register with the system, storing their information securely.
2. **Task Creation**: Users should be able to create tasks with specific details like name, description, due date, and priority level.
3. **Task Execution**: Tasks should be executed based on predefined conditions (e.g., time-based triggers).
4. **Status Tracking**: Implement a feature to track the status of each task (Pending, In Progress, Completed).
5. **Smart Contract Integration**: Use the 'aiel-sdk' package to deploy smart contracts that handle task execution and status updates automatically when conditions are met.
6. **Decorator Usage**: Apply decorators from 'aiel-sdk' to manage and monitor task execution efficiently.
7. **Registry Management**: Utilize the registry functionalities within 'aiel-sdk' to manage and access deployed contracts easily.
8. **Curated Facades**: Leverage the curated facades provided by 'aiel-sdk' to simplify interactions with the underlying smart contract infrastructure.

Your goal is to showcase how 'aiel-sdk' can streamline the development of applications that require secure, automated, and transparent task management systems.

πŸ’¬ Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!