airball

v0.11.0 suspicious
5.0
Medium Risk

A package for running and managing flybys using REBOUND.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package has a moderate risk score due to its low maintenance status and potential shell execution risks. While there are no immediate signs of malicious activity, further investigation is warranted.

  • Low metadata quality indicating possible lack of maintenance
  • Potential misuse of shell execution capabilities
Per-check LLM notes
  • Network: No network calls detected, which is normal and does not indicate any risk.
  • Shell: Shell execution may be necessary for the package's functionality but requires scrutiny to ensure it's not being exploited for malicious purposes.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package shows signs of low maintenance and effort, which may indicate potential risk but lacks clear indicators of malicious intent.

📦 Package Quality Overall: Low (3.8/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • Test runner config found: pyproject.toml
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (2990 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 17 type-annotated function signatures detected in source
○ Low Multiple Contributors 1.0

Unable to verify contributor count: no GitHub repository found

  • No GitHub repository linked — contributor count unavailable

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 2.0

Found 1 shell execution pattern(s)

  • in cmds: output = subprocess.run(cmd, cwd=cwd, **kwargs) if output.returncode !=
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gbrown.ca>

Suspicious Page Links score 2.0

Found 1 suspicious link(s) on the package page

  • Non-HTTPS external link: http://www.gnu.org/licenses/
Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 6.0

3 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with airball 
Create a mini-application called 'FlybySimulator' that allows users to simulate celestial body flybys using the 'airball' package. This application will enable users to input parameters such as masses, initial positions, and velocities of celestial bodies to simulate their interactions under gravitational forces. The app should provide a simple graphical user interface (GUI) built with PyQt5 or Tkinter for ease of use. Additionally, it should include features like saving simulation data to a file, loading previously saved simulations, and visualizing the results in real-time. Users should be able to adjust simulation settings dynamically while the simulation is running. Utilize the 'airball' package to manage and run these simulations efficiently. Provide detailed documentation on how to install dependencies, set up the environment, and run the application.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!