aiohasupervisor

v0.5.0 suspicious
6.0
Medium Risk

Asynchronous python client for Home Assistant Supervisor.

πŸ€– AI Analysis

Final verdict: SUSPICIOUS

The package shows some suspicious activities such as potential credential harvesting and has a low level of maintainer activity, raising concerns about its trustworthiness.

  • Potential credential harvesting
  • Low maintainer activity
Per-check LLM notes
  • Network: No network calls detected, which is normal if the package does not require external communication.
  • Shell: No shell executions detected, indicating the package does not execute system commands.
  • Obfuscation: No signs of obfuscation patterns were detected.
  • Credentials: The code snippet may indicate an attempt to access sensitive files, which raises suspicion for potential credential harvesting.
  • Metadata: Suspicious non-HTTPS link and low maintainer activity suggest potential issues, but not conclusive evidence of malice.

πŸ“¦ Package Quality Overall: Medium (6.6/10)

✦ High Test Suite 9.0

Test suite present β€” 15 test file(s) found

  • Test runner config found: pyproject.toml
  • 15 test file(s) detected (e.g. test_addons.py)
β—ˆ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Docs: Dev" -> https://developers.home-assistant.io/
  • Detailed PyPI description (3359 chars)
β—‹ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
β—ˆ Medium Type Annotations 5.0

Partial type annotation coverage

  • 223 type-annotated function signatures detected in source
✦ High Multiple Contributors 10.0

Active multi-contributor project

  • 5 unique contributor(s) across 100 commits in home-assistant-libs/python-supervisor-client
  • Active community β€” 5 or more distinct contributors

πŸ”¬ Heuristic Checks

βœ“ Outbound Network Calls

No suspicious network call patterns found

βœ“ Code Obfuscation

No obfuscation patterns detected

βœ“ Shell / Subprocess Execution

No shell execution patterns detected

⚠ Credential Harvesting score 2.5

Found 1 credential access pattern(s)

  • # such as ../../../../etc/passwd if not url.raw_path.endswith(uri): rais
βœ“ Typosquatting

No typosquatting candidates detected

βœ“ Registered Email Domain

Email domain looks legitimate: home-assistant.io>

⚠ Suspicious Page Links score 2.0

Found 1 suspicious link(s) on the package page

  • Non-HTTPS external link: http://192.168.1.2
βœ“ Git Repository History

Repository home-assistant-libs/python-supervisor-client appears legitimate

⚠ Maintainer History score 6.0

3 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
βœ“ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

πŸ’‘ AI App Starter Prompt

Use this prompt to build a project with aiohasupervisor 
Your task is to develop a Python-based utility called 'HomeAssistantSupervisorChecker' which leverages the 'aiohasupervisor' package to monitor and manage Home Assistant Supervisor add-ons. This utility will serve as a robust tool for Home Assistant users who want to ensure their add-ons are running smoothly without manual intervention. Here’s a detailed guide on how to implement this project:

1. **Project Setup**:
   - Install the necessary Python packages including 'aiohasupervisor', 'requests', and 'schedule'.
   - Set up a virtual environment for your project.

2. **Connecting to Home Assistant**:
   - Use 'aiohasupervisor' to establish a secure connection to the Home Assistant Supervisor API using valid credentials.
   - Implement error handling to manage common issues like invalid credentials or network errors.

3. **Add-on Management**:
   - Develop functions to start, stop, restart, and update Home Assistant Supervisor add-ons.
   - Ensure these functions provide feedback on the success or failure of each operation.

4. **Monitoring Add-ons**:
   - Create a monitoring system that periodically checks the status of specified add-ons.
   - Use the 'schedule' library to automate these checks at regular intervals.
   - Alert the user if an add-on is not running as expected, providing details about the issue.

5. **Logging and Reporting**:
   - Implement logging functionality to record all actions performed by the utility.
   - Generate periodic reports summarizing the health of the add-ons over time.

6. **User Interface**:
   - Design a simple command-line interface (CLI) for users to interact with the utility.
   - Provide options to manually trigger add-on operations, view logs, and generate reports.

7. **Testing and Documentation**:
   - Write tests for critical functionalities to ensure reliability.
   - Prepare comprehensive documentation explaining how to install, configure, and use the utility.

By following these steps, you'll create a powerful tool that enhances the management and monitoring capabilities of Home Assistant Supervisor add-ons.