Package Metadata

Author: AlgoPay contributors
Email: —
PyPI: algopay-sdk
Python: >=3.10
Versions: 3 releases
First release: 22 Mar 2026, 06:22 UTC
Analysed: 06 Jun 2026, 21:47 UTC
Source files: 38 .py files scanned

Project Links

Documentation Homepage Issues Repository

Classifiers

Development Status :: 3 - AlphaIntended Audience :: DevelopersLicense :: OSI Approved :: MIT LicenseProgramming Language :: Python :: 3Programming Language :: Python :: 3.10Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.13Topic :: Software Development :: Libraries :: Python Modules

🤖 AI Analysis

Final verdict: SAFE

The package appears to be legitimate with low risks associated with network, shell, credential, and metadata. While there is a moderate obfuscation risk, this is likely due to its cryptographic nature rather than malicious intent.

moderate obfuscation risk due to base64 decoding and json parsing
low risks across other categories

Per-check LLM notes

Network: The use of an HTTP client suggests the package communicates with external services, which is common for payment SDKs.
Shell: No shell execution patterns detected, indicating low risk.
Obfuscation: The presence of base64 decoding and json parsing suggests potential obfuscation of sensitive data, but it could also be legitimate for handling encoded data in a crypto library.
Credentials: No clear patterns indicative of credential harvesting were detected.
Metadata: The package shows some red flags such as low repository activity and a new maintainer account, but no clear signs of malicious intent.

📦 Package Quality Overall: Low (4.4/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

Test runner config found: pyproject.toml

◈ Medium Documentation 7.0

Some documentation present

Documentation URL: "Documentation" -> https://algodev-studio.github.io/algopay-sdk/
Detailed PyPI description (9316 chars)

○ Low Contributing Guide 2.0

No contributing guide or governance files found

No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found

◈ Medium Type Annotations 5.0

Partial type annotation coverage

219 type-annotated function signatures detected in source

○ Low Multiple Contributors 2.0

Single-author or unverifiable project

1 unique contributor(s) across 16 commits in Algodev-Studio/algopay-sdk
Single author with few commits — possibly a personal or throwaway project

🔬 Heuristic Checks

⚠ Outbound Network Calls score 1.5

Found 1 network call pattern(s)

self._http_client = httpx.AsyncClient(timeout=self._config.http_timeout) return self._http

⚠ Code Obfuscation score 8.0

Found 4 obfuscation pattern(s)

body = json.loads(base64.b64decode(pr_hdr)) return body def _payment_required_for_network
pr_dec = json.loads(base64.b64decode(pr_hdr)) tx_id = pr_dec.get("transac
count() private_key = base64.b64decode(sk_b64) wid = str(uuid.uuid4()) rec = Wallet
de(stxn) out[i] = base64.b64decode(sb64) return out [build-system] requires = ["hatchl

✓ Shell / Subprocess Execution

No shell execution patterns detected

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

No author email provided

⚠ Suspicious Page Links score 2.0

Found 1 suspicious link(s) on the package page

Non-HTTPS external link: http://`

⚠ Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

Repository has zero stars and zero forks

⚠ Maintainer History score 2.0

1 maintainer concern(s) found

Author "AlgoPay contributors" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with algopay-sdk

Create a fully-functional mini-application called 'AI Marketplace' using the 'algopay-sdk' Python package. This application will serve as a platform where AI agents can buy and sell services, utilizing the Algorand blockchain for secure transactions. Here’s a detailed breakdown of what your application should achieve:

1. **User Registration and Login**: Users should be able to register and log in to the marketplace. Each user will have a unique identifier and a digital wallet linked to their Algorand account.

2. **Service Listings**: AI agents can list services they provide, such as data analysis, predictive modeling, or content generation. Each listing should include details like service description, cost (in USDC), and availability.

3. **Transaction Handling**: Utilize the 'algopay-sdk' package to handle all transactions between buyers and sellers. Ensure that payments are processed securely using the Algorand network, specifically leveraging x402 and USDC assets.

4. **Guard Mechanism Integration**: Implement a guard mechanism to ensure that transactions are only executed under certain conditions (e.g., if the buyer has sufficient funds).

5. **Order Management**: Buyers can place orders for listed services, and sellers can accept or reject these orders. Once accepted, the order moves to a processing state, and upon completion, the transaction is finalized.

6. **Notifications**: Integrate a notification system that alerts users about new orders, transaction confirmations, and any changes in order status.

7. **Analytics Dashboard**: Provide a dashboard for sellers to track their earnings, number of orders completed, and other relevant metrics.

8. **Security Measures**: Ensure that all sensitive information is encrypted and stored securely. Use best practices for securing API keys and credentials when interacting with the Algorand network.

In your implementation, make sure to demonstrate how the 'algopay-sdk' package is utilized at each step of the transaction process, from initiating a payment request to confirming a successful transaction. Additionally, document your code thoroughly to explain how different components of the SDK are integrated into the application.