airflow-sketcher

v0.1.0 suspicious
4.0
Medium Risk

Airflow Sketcher plugin and DAG factory for Excalidraw-based DAG authoring.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits moderate concerns due to potential code obfuscation and low-effort metadata, suggesting possible malicious intent but lacking concrete evidence.

  • High obfuscation risk due to use of eval and exec
  • Low-effort metadata indicating lack of transparency
Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package requires external services.
  • Shell: No shell executions detected, indicating no immediate risk of command execution.
  • Obfuscation: The use of eval and exec with custom namespaces suggests obfuscation or code injection risks.
  • Credentials: No direct evidence of credential harvesting was found.
  • Metadata: The package shows signs of low effort and potential lack of transparency, raising suspicion.

📦 Package Quality Overall: Low (4.4/10)

✦ High Test Suite 9.0

Test suite present — 1 test file(s) found

  • Test runner config found: pyproject.toml
  • 1 test file(s) detected (e.g. test_dag_factory.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (8285 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 11 type-annotated function signatures detected in source
○ Low Multiple Contributors 1.0

Unable to verify contributor count: no GitHub repository found

  • No GitHub repository linked — contributor count unavailable

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation score 10.0

Found 6 obfuscation pattern(s)

  • try: return eval(raw_value, {'__builtins__': EXCALIDRAW_BUILTINS}, import_nam
  • ) return eval( compile(expression, '<excalidraw-arg>', 'eval')
  • statements.body: exec( compile(statements, '<excalidraw-arg>', 'exec'), ex
  • ion_namespace, ) exec( compile(parsed_code, '<excalidraw-arg>', 'exec'), execution
  • import statements') exec( compile(parsed_imports, '<excalidraw-imports>', 'exec'),
  • ce, **vars_namespace} exec( compile(parsed_vars, '<excalidraw-vars>', 'exec'), {'__
Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 8.0

4 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with airflow-sketcher 
Create a mini-application that allows users to visually design Apache Airflow Directed Acyclic Graphs (DAGs) using the 'airflow-sketcher' package, which integrates Excalidraw for graphical representation. This application should enable users to not only draw their DAGs but also export them directly into executable Python code that can be run within an Airflow environment.

### Features:
1. **User Interface**: Develop a simple, intuitive web interface where users can drag and drop nodes (tasks) and connect them with directed edges to create a DAG.
2. **Excalidraw Integration**: Utilize the 'airflow-sketcher' package to allow users to sketch out their DAGs using Excalidraw's visual editor. Ensure that the sketches are saved in a format compatible with Airflow.
3. **Code Export**: Implement functionality that converts the user's DAG sketch into Python code. This code should be ready to import into an Airflow instance.
4. **Real-time Validation**: Provide real-time feedback on the validity of the DAG structure as users are drawing it. Highlight potential issues such as cycles or disconnected nodes.
5. **History and Version Control**: Allow users to save multiple versions of their DAG designs and switch between them easily.
6. **Customization Options**: Offer customization options for tasks, such as setting task types, durations, and dependencies.
7. **Documentation and Help**: Include a comprehensive help section that guides users through the process of designing and exporting DAGs.

### Steps to Build the Application:
1. **Set Up the Environment**: Install necessary packages including 'airflow', 'airflow-sketcher', and any other required libraries.
2. **Develop the User Interface**: Use Flask or Django to create a web application that hosts the user interface. Integrate Excalidraw via the 'airflow-sketcher' package.
3. **Implement Sketching Functionality**: Enable users to draw DAGs using Excalidraw's tools within your web application.
4. **Convert Sketches to Code**: Write a function that takes the user's sketch data and translates it into valid Python code for Airflow.
5. **Add Real-time Validation**: Implement checks to ensure the DAG structure is valid while the user is still sketching.
6. **Save and Load DAG Designs**: Create functionality that saves different versions of the user's work and allows them to load previous versions.
7. **Customization and Documentation**: Provide options for customizing tasks and include detailed documentation within the app.
8. **Testing and Deployment**: Test the application thoroughly to ensure all features work correctly. Deploy the application so it can be accessed via a web browser.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!