ailsii

v0.1.0 suspicious
6.0
Medium Risk

Python wrapper for the AILS-II metaheuristic (INFORMS JoC 2023) for the Capacitated Vehicle Routing Problem

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits elevated risks due to its network and shell execution behaviors, which could potentially lead to security vulnerabilities. However, there is no direct evidence of malicious intent or obfuscation.

  • High network risk due to potential unvetted downloads
  • High shell risk due to uncontrolled execution of external commands
Per-check LLM notes
  • Network: The network call pattern suggests the package may download external resources which could be potentially malicious if not properly vetted.
  • Shell: The shell execution patterns indicate the package executes external commands, which can pose significant risks if not controlled properly, possibly leading to system compromise.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package shows several red flags including a suspicious non-HTTPS link, rapid commit history, and an author with minimal information and activity.

📦 Package Quality Overall: Low (4.0/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • 2 test file(s) detected (e.g. test_cvrp.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (6322 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 8 type-annotated function signatures (partial)
○ Low Multiple Contributors 2.0

Single-author or unverifiable project

  • 1 unique contributor(s) across 5 commits in chkwon/PyAILSII
  • Single author with few commits — possibly a personal or throwaway project

🔬 Heuristic Checks

Outbound Network Calls score 1.5

Found 1 network call pattern(s)

  • ream sources from {url}") urllib.request.urlretrieve(url, dest) digest = hashlib.sha256(dest.read
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 6.0

Found 3 shell execution pattern(s)

  • in(argv)) proc = subprocess.run(argv, capture_output=True, text=True, check=False)
  • files)} .java files") subprocess.run( ["javac", "-encoding", "UTF-8", "-d", str(build
  • =True, exist_ok=True) subprocess.run( ["jar", "cfe", str(JAR_DEST), JAR_MAIN_CLASS, *
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: omelet.ai>

Suspicious Page Links score 2.0

Found 1 suspicious link(s) on the package page

  • Non-HTTPS external link: http://vrp.galgos.inf.puc-rio.br/
Git Repository History score 2.5

Git history flags: All 5 commits happened within 24 hours

  • All 5 commits happened within 24 hours
Maintainer History score 6.0

3 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with ailsii 
Create a web-based application using Flask (a micro web framework written in Python) that leverages the 'ailsii' package to solve the Capacitated Vehicle Routing Problem (CVRP). The application should allow users to input various parameters such as the number of vehicles, vehicle capacity, depot location, and customer locations with their respective demands. Users should also be able to upload a map image or provide coordinates to visualize the routes on an interactive map. The application should output the optimized routes, total distance traveled, and other relevant statistics. Additionally, include features like saving the route solutions to a database for future reference, allowing users to compare different solution iterations, and providing a REST API endpoint for integrating the CVRP solver into other applications. Use the 'ailsii' package to perform the optimization process and ensure that the application is user-friendly and efficient.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!