aijsondbpy

v0.11.0 safe
4.0
Medium Risk

Python wrapper for aijsondb

🤖 AI Analysis

Final verdict: SAFE

The package aijsondbpy v0.11.0 presents minimal risks given its functionality and analysis notes. While there's some concern about metadata and package maintenance activity, the lack of network calls, shell execution, obfuscation, and credential risks suggests it is not indicative of a supply-chain attack.

  • Low network, shell, obfuscation, and credential risks.
  • Metadata risk due to low activity and fewer maintained packages.
Per-check LLM notes
  • Network: No network calls detected, which is normal for a package focused on local JSON database operations.
  • Shell: No shell execution detected, aligning with the expected behavior of a non-administrative package.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package has low activity and the maintainer has few packages, suggesting potential unreliability.

📦 Package Quality Overall: Low (3.0/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (2085 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
○ Low Type Annotations 1.0

No type annotations detected

  • No type annotations, py.typed marker, or stub files detected
◈ Medium Multiple Contributors 6.0

Limited contributor diversity

  • 2 unique contributor(s) across 11 commits in awenzel67/aijsondb-py
  • Two distinct contributors found

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com

Suspicious Page Links

All external links appear legitimate

Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Andreas Wenzel" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aijsondbpy 
Build a simple Python application using the aijsondbpy package to demonstrate its core features.