alethic-ism-core

v1.0.56 suspicious
6.0
Medium Risk

Alethic Instruction-Based State Machine (Core Python SDK)

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits a moderate level of suspicious behavior due to high obfuscation risks and unverified network calls, suggesting potential hidden malicious functionalities.

  • High obfuscation risk
  • Unverified network calls
Per-check LLM notes
  • Network: The package makes network calls to an external API which could be legitimate but requires further investigation into the purpose and destination of these calls.
  • Shell: No shell execution patterns were detected.
  • Obfuscation: The presence of obfuscated and potentially unsafe evaluation functions suggests the package may be hiding malicious functionality.
  • Credentials: No clear evidence of credential harvesting patterns detected.
  • Metadata: The maintainer has a new or inactive account and lacks a full author name, raising some suspicion but not conclusive evidence of malice.

📦 Package Quality Overall: Low (4.6/10)

✦ High Test Suite 9.0

Test suite present — 19 test file(s) found

  • 19 test file(s) detected (e.g. test_base_processor.py)
○ Low Documentation 1.0

No documentation detected

  • No documentation URL, doc files, or meaningful description found
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 360 type-annotated function signatures detected in source
◈ Medium Multiple Contributors 6.0

Limited contributor diversity

  • 2 unique contributor(s) across 100 commits in quantumwake/alethic-ism-core
  • Two distinct contributors found

🔬 Heuristic Checks

Outbound Network Calls score 4.5

Found 3 network call pattern(s)

  • session locally with requests.Session() as session: response = session.post(url, heade
  • a session response = requests.get(url) logger.info(f"here is the session {response}")
  • tumwake.io" session = requests.Session() url = f"{base_url}/api/v1/query/{state_id
Code Obfuscation score 10.0

Found 6 obfuscation pattern(s)

  • , (r"eval\s*\(", "eval() function"), (r"exec\s*\(", "exec() function"),
  • tion # return eval(column_definition.value) return safer_evalua
  • eval for column name version: eval(processor_state.version) to
  • uation # # return eval(column_definition.value) # return safer_evaluate
  • mented. # value = eval(func, kwargs) # return value # # return
  • lowed_vars = {} result = eval(compiled_code, restricted_globals, allowed_vars) return
Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: alethic.ai>

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository quantumwake/alethic-ism-core appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with alethic-ism-core 
Create a simple event-driven task manager using the 'alethic-ism-core' Python package. This application will allow users to define tasks with specific conditions and actions that are executed based on those conditions. For example, a user might want to set up a task that sends an email reminder if a certain file size exceeds a predefined threshold.

Step 1: Define the Core Functionality
- Users should be able to add new tasks with conditions and corresponding actions.
- Tasks can have multiple conditions and actions.
- Conditions can include file existence, file size, time-based triggers, etc.
- Actions could involve sending emails, logging messages, running scripts, etc.

Step 2: Implement Task Management
- Provide a command-line interface where users can view all current tasks.
- Allow editing of existing tasks.
- Support deleting tasks.

Step 3: Integrate 'alethic-ism-core'
- Use the state machine provided by 'alethic-ism-core' to manage the flow of events and conditions.
- Ensure that each task is represented as a state in the state machine.
- When a condition is met, transition to the next state where the associated action is performed.

Suggested Features:
- Add support for scheduling tasks at regular intervals.
- Implement logging of task execution results for debugging purposes.
- Allow configuration via a YAML file for easy setup and modification without needing to run the application.

The goal is to create a versatile tool that showcases the capabilities of 'alethic-ism-core' in handling complex, conditional workflows.