aihw-mcp

v0.4.19 suspicious
7.0
High Risk

MCP server for Australian Institute of Health and Welfare data. Plain-English access to mortality (GRIM/MORT), cancer incidence, health expenditure, youth justice detention, and the public hospitals register.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows significant risks related to credential harvesting and lacks supporting metadata, indicating potential malicious intent.

  • High risk of credential harvesting
  • Single package maintainer with no associated repository
Per-check LLM notes
  • Network: The use of an HTTP client suggests the package may be designed to interact with external services, which is common but should be reviewed for legitimacy.
  • Shell: No shell execution patterns were detected.
  • Obfuscation: No signs of obfuscation detected.
  • Credentials: High risk of credential harvesting observed with attempts to access sensitive files like /etc/passwd.
  • Metadata: The maintainer has only one package and the repository is not found, raising some suspicion.

📦 Package Quality Overall: Medium (5.6/10)

✦ High Test Suite 9.0

Test suite present — 19 test file(s) found

  • Test runner config found: conftest.py
  • Test runner config found: pyproject.toml
  • 19 test file(s) detected (e.g. conftest.py)
◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://github.com/Bigred97/aihw-mcp#readme
  • Detailed PyPI description (11675 chars)
○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
◈ Medium Type Annotations 7.0

Partial type annotation coverage

  • Classifier: Typing :: Typed
  • 125 type-annotated function signatures detected in source
○ Low Multiple Contributors 1.0

Could not retrieve contributor data from GitHub

  • GitHub API error: 404

🔬 Heuristic Checks

Outbound Network Calls score 1.5

Found 1 network call pattern(s)

  • Cache() self._http = httpx.AsyncClient( timeout=DEFAULT_TIMEOUT, transport=
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting score 10.0

Found 5 credential access pattern(s)

  • : "Right One", "url": "file:///etc/passwd"}], }, }) ) async with AIHWClie
  • script>", "../../etc/passwd", "../%2e%2e/passwd", "%00", "\x00mortality"]: r =
  • arametrize("bad_id", [ "../etc/passwd", "GRIM/DEATHS", "GRIM%20DEATHS", "GRIM DEATHS"
  • url in ( "file:///etc/passwd", "javascript:alert(1)", "data:text
  • it server.describe_dataset("../etc/passwd") @pytest.mark.asyncio async def test_describe_dataset_em
Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History score 3.0

Repository not found (deleted or private)

  • Repository not found (deleted or private)
Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Harry Vass" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aihw-mcp 
Create a web-based dashboard application using Python's Flask framework and the 'aihw-mcp' package. This application will serve as a user-friendly interface for exploring various datasets provided by the Australian Institute of Health and Welfare, including mortality statistics, cancer incidence rates, health expenditure trends, youth justice detention data, and information from the public hospitals register.

The application should allow users to:
1. Select specific datasets they are interested in from a dropdown menu.
2. Filter data based on years, regions, age groups, and other relevant criteria.
3. View summary statistics and visualizations (charts and graphs) for the selected data.
4. Export filtered data into CSV or Excel format.
5. Receive notifications or alerts when new data becomes available.

Utilize the 'aihw-mcp' package to interact with the API endpoints that provide access to these datasets. Specifically, use the package's functions to fetch raw data, process it according to user preferences, and present it in a comprehensible manner through the web interface. Ensure that the application handles errors gracefully and provides meaningful feedback to users about their queries.

This project aims to make complex health and welfare data accessible and understandable to a wide audience, from researchers and policymakers to general citizens interested in health trends.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!