alens-importers

v0.10.7 suspicious
4.0
Medium Risk

Importers for Beancount's beangulp

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits low risk in terms of network usage, shell execution, and obfuscation. However, the metadata quality and maintainer activity are concerning, suggesting potential issues with legitimacy or maintenance.

  • Low maintainer activity
  • Poor metadata quality
Per-check LLM notes
  • Network: No network calls detected, which is normal if the package does not require internet access.
  • Shell: No shell executions detected, which is expected unless the package requires system commands.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package shows low maintainer activity and poor metadata quality, raising concerns about its legitimacy.

📦 Package Quality Overall: Medium (5.4/10)

✦ High Test Suite 9.0

Test suite present — 8 test file(s) found

  • 8 test file(s) detected (e.g. test_forex.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (1746 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 39 type-annotated function signatures detected in source
◈ Medium Multiple Contributors 6.0

Limited contributor diversity

  • 2 unique contributor(s) across 100 commits in alensiljak/alens-importers
  • Two distinct contributors found

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
Maintainer History score 6.0

3 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with alens-importers 
Create a personal finance management tool using Python that leverages the 'alens-importers' package to streamline financial data importation into Beancount's beangulp system. Your task is to design and implement a user-friendly application that allows users to effortlessly upload various financial statements (such as bank statements, credit card bills, etc.) and convert them into Beancount format for bookkeeping purposes. The application should support multiple file formats (CSV, PDF, Excel) and provide error handling for common issues like missing headers, incorrect data types, and malformed files. Additionally, include features such as automatic categorization of transactions based on predefined rules, support for multi-currency transactions, and a simple GUI for easy interaction. Utilize 'alens-importers' to handle the conversion process from raw data to Beancount entries, ensuring that the imported data is clean and ready for analysis. Document your code thoroughly and include instructions for setting up and running the application.