aither-adk

v2.7.0 suspicious
6.0
Medium Risk

Build AI agents with real memory + faculties on any backend, local or cloud. Open-core: free local runtime with typed memory, knowledge graph, code graph and ReAct; paid tiers (portal.aitherium.com) unlock fleets, channels, reasoning and marketplace packs.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits signs of potential credential harvesting due to multiple environment variable accesses and has metadata risks such as a missing author name and a non-HTTPS external link. These factors, combined with moderate obfuscation techniques, suggest caution and further investigation.

  • High credential risk due to environment variable accesses
  • Missing author metadata and non-HTTPS link
Per-check LLM notes
  • Obfuscation: The presence of base64 decoding and signature verification suggests some level of obfuscation or data integrity checks, but it's not definitively malicious without context.
  • Credentials: Detection of multiple environment variable accesses for tokens indicates potential unauthorized credential harvesting activities.
  • Metadata: The author's name is missing and the author seems new or inactive, with only one package on PyPI. The presence of a non-HTTPS external link raises some concern.

📦 Package Quality Overall: Medium (7.0/10)

✦ High Test Suite 9.0

Test suite present — 1 test file(s) found

  • Test runner config found: pyproject.toml
  • 1 test file(s) detected (e.g. test_setup.py)
◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://github.com/Aitherium/aither#readme
  • Detailed PyPI description (34396 chars)
○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 666 type-annotated function signatures detected in source
✦ High Multiple Contributors 10.0

Active multi-contributor project

  • 6 unique contributor(s) across 100 commits in Aitherium/aither
  • Active community — 5 or more distinct contributors

🔬 Heuristic Checks

Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • ons.""" try: with socket.create_connection((host, port), timeout=timeout): return True
  • try: req = urllib.request.Request(f"http://localhost:{port}/health") with
  • rt}/health") with urllib.request.urlopen(req, timeout=5) as resp: if resp.sta
  • ode() try: req = urllib.request.Request( f"http://localhost:{port}/v1/chat/compl
  • son"}, ) with urllib.request.urlopen(req, timeout=60) as resp: data = json.lo
  • """Download a file using urllib.request. Returns True on success.""" if dry_run: info(f"
Code Obfuscation score 10.0

Found 5 obfuscation pattern(s)

  • urn None payload_bytes = base64.b64decode(payload_b64) if not _verify_signature(payload_bytes, sig
  • envelope = json.loads(base64.b64decode(env_key).decode("utf-8")) lic = _license_from_en
  • )\b", _re.I) _TOOL_VERB = _re.compile(r"\b(search|look up|find|email|send|schedule|book|calendar|read|open|upload|download|create|build|generate|write|draft|analyze|analyse|compare|research|investigate|deploy|run|execute|fix|debug)\b", _re.I) def keyword_intent(message: str)
  • ULES))}" ) return __import__(name, *args, **kwargs) def python_exec(code: str) -> str: """Execute Python
  • ) _SAFE_BUILTINS = { k: getattr(__builtins__, k) if hasattr(__builtins__, k) else __builtins__[k] fo
Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • """ try: result = subprocess.run( cmd, capture_output=True,
  • .") try: result = subprocess.run( ["ollama", "pull", model], timeout=
  • .") try: result = subprocess.run(cmd, timeout=120) if result.returncode == 0:
  • al[str]: try: r = subprocess.run(cmd, capture_output=True, text=True, timeout=timeout)
  • if not dry_run: subprocess.Popen(["ollama", "serve"], stdout=subprocess.DEVNULL,
  • try: result = subprocess.run( ["ollama", "pull", model],
Credential Harvesting score 7.5

Found 3 credential access pattern(s)

  • if discord: token = os.environ.get("DISCORD_BOT_TOKEN", "") if not token: print("Set
  • if slack: bot_token = os.environ.get("SLACK_BOT_TOKEN", "") app_token = os.environ.get("SLACK_AP
  • KEN", "") app_token = os.environ.get("SLACK_APP_TOKEN", "") if not bot_token or not app_token:
Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: aitherium.com>

Suspicious Page Links score 2.0

Found 1 suspicious link(s) on the package page

  • Non-HTTPS external link: http://elysium.local
Git Repository History

Repository Aitherium/aither appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aither-adk 
Create a mini-app called 'MemoryMentor' that leverages the 'aither-adk' Python package to provide personalized study guidance and support for students preparing for exams. The app will use AI agents to help students manage their study schedules, track progress, and receive tailored advice based on their performance history and study habits.

Step-by-Step Functionality:
1. **User Onboarding**: Users sign up/log in, and create a profile including details like exam subjects, preferred study times, and goals.
2. **Study Schedule Generation**: Based on user input, the app generates a customized study schedule, taking into account daily commitments and preferred learning times.
3. **Daily Check-ins**: Users log their daily study activities, which the app records and analyzes using its memory and knowledge graph capabilities.
4. **Performance Analysis**: The app provides feedback on study efficiency and suggests adjustments to the study plan based on performance data.
5. **Tailored Advice**: Using the ReAct feature of 'aither-adk', the app offers personalized tips and strategies for improvement.
6. **Progress Tracking**: A dashboard shows overall progress towards exam readiness, highlighting strengths and areas needing more focus.
7. **Community Features**: Users can join study groups where they share tips and resources, and the AI agent facilitates discussions and collaborations.

Suggested Features:
- Integration with calendar apps for seamless scheduling.
- Customizable alerts/reminders for upcoming study sessions.
- Gamification elements such as badges/achievements for motivation.
- Option to export study logs for review by educators/tutors.

How 'aither-adk' is Utilized:
- For building the AI agents that handle user interactions and data analysis, utilizing the real memory and knowledge graph features.
- To enable the agents to reactively provide advice and insights based on the user's study behavior and performance.
- For managing the backend logic, whether running locally or leveraging cloud services, to ensure scalability and reliability of the app.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!