aird

v0.4.22 suspicious
5.0
Medium Risk

Aird - A lightweight web-based file browser, editor, and streamer with real-time capabilities

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package is assessed as suspicious due to potential typosquatting targeting 'arq' and having a new maintainer with limited package history.

  • Potential typosquatting targeting 'arq'
  • New maintainer with only one package
Per-check LLM notes
  • Network: The package makes network calls to retrieve files from an external URL and uploads to Google Drive, which could indicate legitimate functionality but may also be a vector for data exfiltration.
  • Shell: No shell execution patterns detected.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The maintainer has only one package, which may indicate a new or less active account.
  • Typosquatting target: arq

📦 Package Quality Overall: Medium (5.6/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (14668 chars)
◈ Medium Contributing Guide 7.0

Some contribution signals present

  • Governance file: security.py
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 358 type-annotated function signatures detected in source
✦ High Multiple Contributors 10.0

Active multi-contributor project

  • 5 unique contributor(s) across 100 commits in blinkerbit/aird
  • Active community — 5 or more distinct contributors

🔬 Heuristic Checks

Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • try: response = requests.get( f"{self._base_url}/files",
  • try: meta_resp = requests.get( f"{self._base_url}/files/{file_id}",
  • download_resp = requests.get( f"{self._base_url}/files/{file_id}",
  • } response = requests.post( "https://www.googleapis.com/upload/drive/v
  • try: init_resp = requests.post( "https://www.googleapis.com/upload/drive/v
  • upload_resp = requests.put( upload_url, heade
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting score 3.0

Possible typosquat of: arq

  • "aird" is 2 edit(s) from "arq"
Registered Email Domain

Email domain looks legitimate: gmail.com

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository blinkerbit/aird appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Viswantha Srinivas P" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aird 
Your task is to develop a collaborative code editing platform using the Python package 'aird'. This platform will allow multiple users to simultaneously edit and view Python scripts in real-time, making it perfect for coding workshops, hackathons, or remote team collaborations. Here are the steps and features you need to implement:

1. **Setup**: Install the 'aird' package and set up a basic web server that serves as the base for your collaborative code editor.
2. **User Interface**: Design a simple yet intuitive user interface where users can log in or create an account. Ensure that each user has their own workspace.
3. **Real-Time Collaboration**: Utilize 'aird's real-time capabilities to enable multiple users to edit the same Python script simultaneously. Implement features such as highlighting changes made by different users and showing who made which change.
4. **File Management**: Integrate file browsing and management features within 'aird', allowing users to upload, download, and delete files from their workspaces.
5. **Code Editor**: Embed a code editor within your application that supports syntax highlighting for Python. Users should be able to save their edited scripts back to their workspaces.
6. **Notifications**: Add a notification system that alerts users when someone else starts editing a file they're working on.
7. **Security Measures**: Implement basic security measures like user authentication and authorization to protect user data.
8. **Testing**: Thoroughly test the application to ensure that all features work seamlessly and that there are no security vulnerabilities.
9. **Documentation**: Provide clear documentation on how to use the application, including setup instructions and a user guide.

By following these steps, you'll create a fully functional, collaborative code editing platform that leverages the real-time and file management capabilities of the 'aird' package.