aisquare-pipe-docusign

v0.1.0 safe
3.0
Low Risk

DocuSign connector for aisquare.pipe

πŸ€– AI Analysis

Final verdict: SAFE

The package exhibits low network and shell risks, and although there are some concerns about metadata quality and package maintenance, these do not strongly suggest malicious intent.

  • Low network and shell execution risks.
  • Metadata quality and package maintenance could be improved.
Per-check LLM notes
  • Network: The observed network call is likely for authenticating OAuth token, which is common for packages interacting with cloud services like DocuSign.
  • Shell: No shell execution patterns were detected.
  • Metadata: The package shows signs of low activity and metadata quality, which may indicate it's not well-maintained but does not conclusively point to malicious intent.

πŸ“¦ Package Quality Overall: Low (4.4/10)

✦ High Test Suite 9.0

Test suite present β€” 4 test file(s) found

  • Test runner config found: pyproject.toml
  • 4 test file(s) detected (e.g. test_client.py)
β—ˆ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (4558 chars)
β—‹ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
β—ˆ Medium Type Annotations 5.0

Partial type annotation coverage

  • 20 type-annotated function signatures detected in source
β—‹ Low Multiple Contributors 1.0

Unable to verify contributor count: no GitHub repository found

  • No GitHub repository linked β€” contributor count unavailable

πŸ”¬ Heuristic Checks

⚠ Outbound Network Calls score 1.5

Found 1 network call pattern(s)

  • "].rstrip("/") response = requests.post( f"https://{auth_server}/oauth/token", data=
⚠ Code Obfuscation score 4.0

Found 2 obfuscation pattern(s)

  • ntract.pdf" decoded = base64.b64decode(envelope_def.documents[0].document_base64) assert de
  • rgs.args[0] decoded = base64.b64decode(envelope_def.documents[0].document_base64) assert de
βœ“ Shell / Subprocess Execution

No shell execution patterns detected

βœ“ Credential Harvesting

No credential harvesting patterns detected

βœ“ Typosquatting

No typosquatting candidates detected

βœ“ Registered Email Domain

No author email provided

βœ“ Suspicious Page Links

All external links appear legitimate

βœ“ Git Repository History

No GitHub repository linked

  • No GitHub repository link found
⚠ Maintainer History score 6.0

3 maintainer concern(s) found

  • Only one version has ever been released β€” brand new package
  • Author "A-Square" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
βœ“ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

πŸ’‘ AI App Starter Prompt

Use this prompt to build a project with aisquare-pipe-docusign 
Create a fully-functional mini-application called 'DocuSign Pipeline Manager' that integrates with the DocuSign API via the 'aisquare-pipe-docusign' package. This app will streamline the document signing process for users by allowing them to upload documents, generate templates, send out signing requests, track the status of signatures, and manage completed agreements. Here’s a detailed breakdown of the steps and features your app should include:

1. **User Authentication**: Implement user authentication using OAuth 2.0 to securely connect with the DocuSign API through the 'aisquare-pipe-docusign' package.
2. **Document Upload & Template Creation**: Allow users to upload their own documents or create templates directly within the app. Templates should support placeholders for recipient names, dates, and other dynamic content.
3. **Sending Signing Requests**: Once documents are ready, users should be able to send out signing requests to multiple recipients. Each request should specify roles for different signers and include custom message options.
4. **Real-Time Status Updates**: Provide real-time updates on the status of each document (pending, signed, declined, etc.) using webhooks or polling methods provided by 'aisquare-pipe-docusign'.
5. **Completed Agreements Management**: After all signatures are collected, allow users to download the completed agreements, view a summary of the signing process, and store them in a secure cloud storage service like AWS S3.
6. **Customization Options**: Offer customization options such as adding company logos, setting up automatic reminders, and configuring email notifications.
7. **Analytics Dashboard**: Include a simple analytics dashboard that tracks key metrics like average time to sign, completion rates, and user activity.

To utilize the 'aisquare-pipe-docusign' package effectively, you'll need to follow its documentation closely to understand how to authenticate users, handle document objects, manage envelopes, and interact with the DocuSign API endpoints. Ensure your application is well-documented and easy to maintain.