aiohomematic-contract

v2026.6.1 suspicious
4.0
Medium Risk

Cross-implementation contracts (golden fixtures + reference algorithms) shared by aiohomematic and py-openccu-loom-client.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows minimal direct risks but raises concerns due to its recent creation and lack of maintenance history, which are potential supply-chain attack indicators.

  • metadata risk due to new creation
  • limited maintainer history
Per-check LLM notes
  • Network: No network calls detected, which is normal if the package does not require external communications.
  • Shell: No shell execution patterns detected, indicating no immediate signs of executing system commands.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package shows signs of being newly created with limited maintainer history and an empty git repository, raising suspicion but not conclusive evidence of malice.

📦 Package Quality Overall: Medium (5.4/10)

✦ High Test Suite 9.0

Test suite present — 4 test file(s) found

  • Test runner config found: pyproject.toml
  • 4 test file(s) detected (e.g. test_channel_unique_id_golden.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (4594 chars)
○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
◈ Medium Type Annotations 7.0

Partial type annotation coverage

  • Classifier: Typing :: Typed
  • 11 type-annotated function signatures detected in source
○ Low Multiple Contributors 2.0

Single-author or unverifiable project

  • 1 unique contributor(s) across 6 commits in sukramj/aiohomematic-contract
  • Single author with few commits — possibly a personal or throwaway project

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: icloud.com

Suspicious Page Links

All external links appear legitimate

Git Repository History score 5.0

Git history flags:

  • Repository created very recently: 5 day(s) ago (2026-06-01T18:27:09Z)
  • Repository has zero stars and zero forks
Maintainer History score 8.0

4 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Package is very new: uploaded 3 day(s) ago
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aiohomematic-contract
Create a home automation dashboard using Python that integrates with various smart home devices through the 'aiohomematic-contract' package. This package provides cross-implementation contracts that help in maintaining consistency between different implementations of smart home device protocols. Your goal is to build a mini-application that can control and monitor smart home devices such as lights, thermostats, and security systems.

Step 1: Set up your development environment. Ensure you have Python installed and create a virtual environment. Install necessary packages including 'aiohomematic-contract'.

Step 2: Use 'aiohomematic-contract' to establish connections with your smart home devices. This involves understanding the contract specifications provided by the package to ensure compatibility and reliability across different devices and implementations.

Step 3: Develop a user interface (UI) for your dashboard. This could be a simple command-line interface (CLI) or a web-based UI using Flask or Django. The UI should allow users to control their smart devices (turn lights on/off, adjust thermostat settings, etc.) and view real-time status updates from these devices.

Step 4: Implement functionality for monitoring device statuses. Utilize the reference algorithms and golden fixtures provided by 'aiohomematic-contract' to accurately interpret data from your devices and display it in your dashboard.

Suggested Features:
- Device Control: Ability to turn devices on/off, adjust settings, etc.
- Real-Time Monitoring: Display current status of devices in real-time.
- Historical Data: Store and display historical data for analysis.
- Notifications: Alert users via email or SMS when certain conditions are met.
- Customizable Dashboard: Allow users to customize their dashboard layout.

How 'aiohomematic-contract' is Utilized:
- Establishing reliable connections with smart home devices through standardized contracts.
- Ensuring consistent data interpretation across different devices and protocols.
- Providing reference algorithms for accurate data processing.
- Offering golden fixtures for testing and validating implementation correctness.