alexandria-wiki

v0.38.1 suspicious
4.0
Medium Risk

Local-first single-user knowledge engine — accumulates gathered knowledge and exposes it via MCP to connected agents like Claude Code.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows moderate risks due to its use of obfuscation and potential shell execution, which could indicate attempts to hide functionality or interact with system tools in ways that are not entirely transparent.

  • Moderate obfuscation risk
  • Potential unauthorized shell execution

Per-check LLM notes
  • Network: No network calls detected, which is normal and does not indicate any risk.
  • Shell: Detection of shell execution suggests the package may be invoking external commands, which could be legitimate if it's designed to interact with system tools. However, it requires further investigation to ensure there is no unauthorized access or command execution.
  • Obfuscation: The code uses obfuscation techniques which could be used to hide logic or make reverse engineering harder, but it's not conclusive evidence of malicious intent.
  • Credentials: No clear patterns indicative of credential harvesting were found.
  • Metadata: The author information is sparse, suggesting potential low activity or newness which could indicate risk, but no clear malicious indicators.

📦 Package Quality Overall: Medium (5.0/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • Test runner config found: pyproject.toml

◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://github.com/epappas/alexandria/tree/main/docs
  • Detailed PyPI description (8853 chars)

○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found

◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 248 type-annotated function signatures detected in source

◈ Medium Multiple Contributors 5.0

Limited contributor diversity

  • 1 unique contributor(s) across 100 commits in epappas/alexandria
  • Single author but highly active (100 commits)

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation score 4.0

Found 2 obfuscation pattern(s)

  • iefs], "exported_at": __import__("datetime").datetime.now(__import__("datetime").UTC).isoformat(), }
  • rt__("datetime").datetime.now(__import__("datetime").UTC).isoformat(), } out_path = output_dir / "alexa

Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • ["--reason", reason]) subprocess.Popen(cmd, start_new_session=True, stdout=
  • cal", "project"): subprocess.run( ["claude", "mcp", "remove", "alexandria", "
  • add with correct args subprocess.run( ["claude", "mcp", "add", "alexandria", "--", al
  • ull_prompt) result = subprocess.run( cmd, capture_output=True,
  • cloned — pull latest subprocess.run( ["git", "-C", str(repo_dir), "pull", "--quiet",
  • , exist_ok=True) result = subprocess.run( ["git", "clone", "--quiet", "--depth=1", url, str(r

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: evalonlabs.com

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository epappas/alexandria appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with alexandria-wiki
Create a personal knowledge management tool called 'MyWiki' using the 'alexandria-wiki' Python package. This tool should allow users to locally store and organize their notes, articles, and other pieces of information in a structured manner. The application should support the following core functionalities:

1. **Note Creation and Management**: Users should be able to create, edit, delete, and search through their notes.
2. **Tagging System**: Implement a tagging system to categorize notes based on topics, projects, or any other relevant criteria.
3. **Version Control**: Keep track of changes made to each note, allowing users to revert to previous versions if needed.
4. **Integration with External Agents**: Use the MCP (Message Communication Protocol) exposed by 'alexandria-wiki' to connect with external agents such as Claude Code for advanced processing tasks like summarization, translation, or generating insights from notes.
5. **User Interface**: Develop a simple yet intuitive user interface that enables easy interaction with the application's features.
6. **Security Features**: Ensure that all data stored locally is securely encrypted to protect user privacy.

The 'alexandria-wiki' package will be utilized to handle the local storage and retrieval of notes, as well as to facilitate communication between the application and external agents via MCP. Your task is to design and implement 'MyWiki', ensuring it provides a seamless experience for managing personal knowledge while leveraging the capabilities offered by 'alexandria-wiki'.
