AI Analysis
Final verdict: SAFE
The package shows minimal risk with no signs of malicious intent. The primary concern is the metadata risk due to incomplete author details and limited package history.
- Low risk scores across all categories.
- Incomplete author details and single-package maintainer noted as metadata risk.
Per-check LLM notes
- Network: The observed network call patterns are typical for fetching external resources, likely legitimate but should be reviewed for the specific context and URLs used.
- Shell: No shell execution patterns detected.
- Obfuscation: No obfuscation patterns detected, indicating low risk.
- Credentials: No credential harvesting patterns detected, indicating low risk.
- Metadata: The author's details are incomplete and the author has only one package, which may indicate a new or less active maintainer.
Package Quality Overall: Medium (6.6/10)
✦ High
Test Suite
9.0
Test suite present — 16 test file(s) found
Test runner config found: conftest.pyTest runner config found: pyproject.toml16 test file(s) detected (e.g. conftest.py)
◈ Medium
Documentation
5.0
Some documentation present
Detailed PyPI description (15858 chars)
○ Low
Contributing Guide
4.0
No contributing guide or governance files found
Development Status classifier >= Beta
◈ Medium
Type Annotations
5.0
Partial type annotation coverage
179 type-annotated function signatures detected in source
✦ High
Multiple Contributors
10.0
Active multi-contributor project
5 unique contributor(s) across 100 commits in kulapard/aiohttp-apigamiActive community — 5 or more distinct contributors
Heuristic Checks
Outbound Network Calls
score 3.0
Found 2 network call pattern(s)
url) try: resp = requests.get(url, timeout=GITHUB_API_TIMEOUT) resp.raise_for_stat""" try: with requests.get(url, stream=True, timeout=REQUEST_TIMEOUT) as resp:
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
No shell execution patterns detected
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: drapalyuk.com>
Suspicious Page Links
All external links appear legitimate
Git Repository History
Repository kulapard/aiohttp-apigami appears legitimate
Maintainer History
score 4.0
2 maintainer concern(s) found
Author name is missing or very shortAuthor "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with aiohttp-apigami
Build a simple Python application using the aiohttp-apigami package to demonstrate its core features.
💬 Discussion Feed
No discussion yet. Be the first to share your thoughts!
Report Abuse / Security Issue