aiking-core

v1.2.0 suspicious
7.0
High Risk

AI King engine — guards, runtime, ZIQ, FieldRead, PSYCHE, Cerno (AGPL-3.0-or-later or commercial)

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits high levels of obfuscation and attempts to read system files, indicating potential malicious intent. While there's no direct evidence of network communication or shell execution misuse, these factors combined with low maintainer activity raise significant concerns.

  • High obfuscation risk
  • Attempts to read system files
Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package is expected to communicate with external services.
  • Shell: Shell execution patterns are present and may indicate legitimate functionality but could also signify potential misuse or hidden operations.
  • Obfuscation: The use of compile('exec') and dynamic arguments suggests an attempt to bypass detection or execute arbitrary code, which is highly suspicious.
  • Credentials: Attempts to read files like '/etc/passwd' indicate a potential risk for harvesting system credentials or sensitive information.
  • Metadata: The package shows signs of low maintainer activity and poor metadata quality, which could indicate potential risk.

📦 Package Quality Overall: Low (3.8/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • 2 test file(s) detected (e.g. sediment_to_test.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (1817 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 353 type-annotated function signatures detected in source
○ Low Multiple Contributors 1.0

Could not retrieve contributor data from GitHub

  • GitHub API error: 404

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation score 6.0

Found 3 obfuscation pattern(s)

  • n " "user input, compile('exec')) reaches disk unflagged; one " "agent line b
  • dynamic args, " "compile(..., 'exec'), Bash backtick substitution, " "Bash unquote
  • l-exec 動態參數 / " "compile('exec') / Bash 反引號 / Bash 未引用變數。" "繼承 PolicyGate fai
Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • form == "win32": subprocess.Popen( [ "powershell",
  • orm == "darwin": subprocess.Popen( ["afplay", sound_file], s
  • ) else: subprocess.Popen( ["paplay", sound_file], s
  • f.write(vbs_content) subprocess.Popen( ["wscript", vbs_path], creationfl
  • ()" ) try: subprocess.Popen( ["powershell", "-NoProfile", "-Command", ps],
  • orm == "darwin": subprocess.run( ["osascript", "-e", f'display notification
Credential Harvesting score 5.0

Found 2 credential access pattern(s)

  • against ``expand("../../../etc/passwd", ...)`` style disk reads through untrusted se
  • space cannot proxy reads to ``/etc/passwd`` etc. if workspace_root is not None: try:
Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: ai-king.dev>

Suspicious Page Links

All external links appear legitimate

Git Repository History score 3.0

Repository not found (deleted or private)

  • Repository not found (deleted or private)
Maintainer History score 6.0

3 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aiking-core 
Create a mini-application called 'AI Guardian' which leverages the 'aiking-core' package to provide advanced security and monitoring capabilities for user data. This application will serve as a personal data guardian, offering real-time alerts and analysis of potential threats based on user inputs. Here's a step-by-step guide on how to develop this application:

1. **Setup Project Environment**: Initialize a new Python project and install the 'aiking-core' package using pip.
2. **Define Core Features**: Utilize the 'guards' module from 'aiking-core' to set up different levels of security checks for user data. These could include data validation, encryption, and anomaly detection.
3. **Implement Real-Time Monitoring**: Use the 'runtime' feature of 'aiking-core' to continuously monitor user interactions and data flows, ensuring any suspicious activity triggers immediate alerts.
4. **Enhance with AI Capabilities**: Integrate the 'ZIQ', 'FieldRead', 'PSYCHE', and 'Cerno' functionalities provided by 'aiking-core' to analyze patterns in user behavior and predict potential risks more accurately.
5. **User Interface Design**: Develop a simple yet effective UI where users can input their data, view security statuses, and receive alerts in real-time.
6. **Testing and Deployment**: Rigorously test all components of your application, focusing especially on the security measures, before deploying it to a production environment.

Suggested Features:
- User-friendly interface for data entry and viewing security statuses.
- Automated generation of security reports summarizing any detected issues.
- Customizable alert settings allowing users to specify when and how they receive notifications about potential threats.
- Integration with common third-party services for enhanced security and data protection.

By following these steps and utilizing the comprehensive suite of tools offered by 'aiking-core', you'll create a robust and intelligent application capable of safeguarding user data against modern cyber threats.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!