airflow-unicore-integration

v0.5.0 suspicious
4.0
Medium Risk

Running Unicore Jobs from airflow DAGs.

πŸ€– AI Analysis

Final verdict: SUSPICIOUS

The package shows minimal signs of malicious activity, but the incomplete author information and apparent inactivity of the maintainer raise concerns about potential supply-chain risks.

  • Incomplete author information
  • Inactive maintainer
Per-check LLM notes
  • Network: No network calls detected, which is normal if the package does not require external communication.
  • Shell: No shell execution patterns detected, indicating no direct system command execution within the package.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious intent.
  • Credentials: No credential harvesting patterns detected, suggesting safe handling of secrets and credentials.
  • Metadata: The author information is incomplete, and the maintainer seems new or inactive, which raises some suspicion but not enough to conclusively determine malice.

πŸ“¦ Package Quality Overall: Medium (5.0/10)

β—ˆ Medium Test Suite 6.0

Partial test coverage signals detected

  • Test runner config found: pyproject.toml
β—ˆ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (14537 chars)
β—‹ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
β—ˆ Medium Type Annotations 5.0

Partial type annotation coverage

  • 24 type-annotated function signatures detected in source
β—ˆ Medium Multiple Contributors 5.0

Limited contributor diversity

  • 1 unique contributor(s) across 100 commits in UNICORE-EU/airflow-unicore-integration
  • Single author but highly active (100 commits)

πŸ”¬ Heuristic Checks

βœ“ Outbound Network Calls

No suspicious network call patterns found

βœ“ Code Obfuscation

No obfuscation patterns detected

βœ“ Shell / Subprocess Execution

No shell execution patterns detected

βœ“ Credential Harvesting

No credential harvesting patterns detected

βœ“ Typosquatting

No typosquatting candidates detected

βœ“ Registered Email Domain

Email domain looks legitimate: fz-juelich.de>

βœ“ Suspicious Page Links

All external links appear legitimate

βœ“ Git Repository History

Repository UNICORE-EU/airflow-unicore-integration appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
βœ“ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

πŸ’‘ AI App Starter Prompt

Use this prompt to build a project with airflow-unicore-integration 
Build a simple Python application using the airflow-unicore-integration package to demonstrate its core features.

πŸ’¬ Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!