aimet-onnx

v2.32.1 safe
3.0
Low Risk

AIMET onnx package

⚠ Tarball exceeded 25 MB — source code analysis was limited to package metadata only.

🤖 AI Analysis

Final verdict: SAFE

The package shows minimal risk indicators with no network calls, shell executions, or obfuscation patterns detected. The metadata risk score is slightly elevated due to the author's limited presence on PyPI, but there is no evidence of malicious intent.

  • No network calls detected
  • Single package by the author
  • Low metadata quality
Per-check LLM notes
  • Network: No network calls detected, which is normal for most library packages.
  • Shell: No shell executions detected, indicating no immediate risk from this aspect.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious activity.
  • Credentials: No credential harvesting patterns detected, suggesting secure handling of sensitive information.
  • Metadata: The author has only one package and lacks PyPI classifiers, suggesting low effort but not necessarily malicious intent.

📦 Package Quality Overall: Low (4.2/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected
◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://qualcomm.github.io/aimet-pages/releases/latest/index
  • Detailed PyPI description (11585 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
○ Low Type Annotations 1.0

No type annotations detected

  • No type annotations, py.typed marker, or stub files detected
✦ High Multiple Contributors 10.0

Active multi-contributor project

  • 10 unique contributor(s) across 100 commits in quic/aimet
  • Active community — 5 or more distinct contributors

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: quicinc.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository quic/aimet appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author "Qualcomm Innovation Center, Inc." appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aimet-onnx 
Build a simple Python application using the aimet-onnx package to demonstrate its core features.