aitester-bdd

v0.3.0 safe
4.0
Medium Risk

LLM-driven BDD test authoring for Robot Framework — turn an intention + live app into a .robot suite

🤖 AI Analysis

Final verdict: SAFE

The package appears to serve its intended purpose without significant red flags. While there are some concerns about shell execution and obfuscation techniques, these alone do not conclusively point towards malicious intent.

  • Shell execution patterns
  • Use of dynamic imports and string manipulation

Per-check LLM notes

  • Network: The network call pattern seems to be part of normal HTTP GET requests, possibly for fetching resources or testing endpoints.
  • Shell: Shell execution patterns include running external commands which could be legitimate for installing dependencies or initializing environments, but may also indicate potential for executing arbitrary code.
  • Obfuscation: The code uses dynamic imports and string manipulation which could be used for obfuscation but may also have legitimate purposes.
  • Credentials: No clear signs of credential harvesting or secret handling were found in the provided snippets.
  • Metadata: The author has only one package, which could indicate a new or less active user, raising some suspicion but not conclusive evidence of malice.

📦 Package Quality Overall: Medium (5.2/10)

✦ High Test Suite 9.0

Test suite present — 7 test file(s) found

  • Test runner config found: pyproject.toml
  • 7 test file(s) detected (e.g. test_artifact_pipeline.py)

◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (5966 chars)

○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found

◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 476 type-annotated function signatures detected in source

◈ Medium Multiple Contributors 5.0

Limited contributor diversity

  • 1 unique contributor(s) across 66 commits in kundeng/aitester-bdd
  • Single author but highly active (66 commits)

🔬 Heuristic Checks

Outbound Network Calls score 1.5

Found 1 network call pattern(s)

  • else {} try: r = httpx.get(f"{base}{path}", headers=headers, timeout=10) if r.s

Code Obfuscation score 6.0

Found 3 obfuscation pattern(s)

  • rl(), "extracted_at": __import__("datetime").datetime.now( __import__("datetime").timezone.u
  • e").datetime.now( __import__("datetime").timezone.utc ).isoformat(), } def _extract_fi
  • .get(art_name) path = __import__("pathlib").Path(override) if override else output_dir / f"{art_name}.j

Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • ring explorer)...") rc1 = subprocess.run( [sys.executable, "-m", "playwright", "install", "ch
  • ntime backend)...") rc2 = subprocess.run( [sys.executable, "-m", "Browser.entry", "init"]
  • cmd.append(suite) rc = subprocess.run(cmd).returncode raise typer.Exit(code=rc) @app.command
  • backend. try: r = subprocess.run(["agent-browser", "--version"], capture_output=True, text=Tr
  • return try: subprocess.run( [_resolve_bin(), "--session", _SESSION_ID, "clo
  • try: r = subprocess.run( cmd, capture_output=True,

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository kundeng/aitester-bdd appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "kundeng" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aitester-bdd
Create a fully-functional mini-application that utilizes the 'aitester-bdd' package to automate the testing process of a simple web application using Behavior Driven Development (BDD). Your task is to develop a small e-commerce website with basic functionalities such as adding products to a cart, viewing the cart, and checking out. The application should be designed in such a way that it allows developers and testers to write tests in a human-readable format (.robot files) without having deep knowledge of programming languages.

Steps:
1. Set up the e-commerce web application with Flask or Django, including models for products, carts, and orders.
2. Integrate the 'aitester-bdd' package into your project to facilitate the creation of BDD tests.
3. Write BDD scenarios for key functionalities like adding products to the cart, viewing the cart, and completing a purchase.
4. Use the 'aitester-bdd' package to convert these intentions into executable .robot files.
5. Run the generated tests against the live application to ensure all functionalities work as expected.
6. Document the setup process, including how to run the tests and interpret the results.

Suggested Features:
- A user-friendly interface for adding products to the cart.
- Real-time updates on the total cost of items in the cart.
- A secure checkout process with options for payment via credit card or PayPal.
- Integration with a database to store product information and order history.
- Detailed logging of test results and exceptions for easy debugging.

How 'aitester-bdd' is Utilized:
- The 'aitester-bdd' package will be used to automatically generate .robot test files based on the provided BDD scenarios. These scenarios describe the desired behavior of the application in plain language, making it easier for non-technical stakeholders to understand and validate the requirements.
- After writing the initial scenarios, you'll use the package's capabilities to translate these into executable Robot Framework tests. This will involve specifying the application's URL, interacting with the web elements, and verifying the expected outcomes.
- Finally, the tests will be executed against the running web application to verify that the actual behavior matches the intended behavior described in the BDD scenarios.