Package Metadata

Author: Alibaba Cloud SDK
Email: [email protected]
PyPI: alibabacloud-agentexplorer20260317
Python: >=3.7
Versions: 1 release
First release: 26 May 2026, 03:40 UTC
Analysed: 06 Jun 2026, 22:05 UTC
Source files: 7 .py files scanned

Project Links

Classifiers

Development Status :: 4 - BetaIntended Audience :: DevelopersLicense :: OSI Approved :: Apache Software LicenseProgramming Language :: PythonProgramming Language :: Python :: 3Programming Language :: Python :: 3.10Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.7Programming Language :: Python :: 3.8

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package is assessed as suspicious due to potential obfuscation techniques used to retrieve version numbers and the limited history of the maintainer's account.

Unusual use of __import__ for retrieving version number
Maintainer has limited history and activity

Per-check LLM notes

Network: No network calls detected, which is normal if the package does not require internet access.
Shell: No shell execution patterns detected, indicating no immediate signs of executing system commands.
Obfuscation: The use of __import__ to retrieve the version number is unusual and may indicate an attempt to hide dependencies or version information.
Credentials: No suspicious patterns for credential harvesting were detected in the provided code snippet.
Metadata: The package is new and the maintainer seems to be an inactive or new account with limited history.

📦 Package Quality Overall: Low (4.4/10)

○ Low Test Suite 1.0

No test suite detected

No test files or test-runner configuration detected

◈ Medium Documentation 5.0

Some documentation present

Detailed PyPI description (1211 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

Development Status classifier >= Beta

◈ Medium Type Annotations 7.0

Partial type annotation coverage

Type checker (mypy / pyright / pytype) referenced in project
20 type-annotated function signatures detected in source

◈ Medium Multiple Contributors 5.0

Limited contributor diversity

1 unique contributor(s) across 100 commits in aliyun/alibabacloud-python-sdk
Single author but highly active (100 commits)

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

⚠ Code Obfuscation score 2.0

Found 1 obfuscation pattern(s)

bacloud-python-sdk" VERSION = __import__(PACKAGE).__version__ REQUIRES = [ "darabonba-core>=1.0.0, <2.0.0

✓ Shell / Subprocess Execution

No shell execution patterns detected

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: alibabacloud.com

⚠ Suspicious Page Links score 2.0

Found 1 suspicious link(s) on the package page

Non-HTTPS external link: http://www.apache.org/licenses/LICENSE-2.0

✓ Git Repository History

Repository aliyun/alibabacloud-python-sdk appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

Only one version has ever been released — brand new package
Author "Alibaba Cloud SDK" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with alibabacloud-agentexplorer20260317

Build a simple Python application using the alibabacloud-agentexplorer20260317 package to demonstrate its core features.

💬 Discussion Feed

No discussion yet. Be the first to share your thoughts!

🤖 AI Analysis

📦 Package Quality Overall: Low (4.4/10)

🔬 Heuristic Checks

💡 AI App Starter Prompt

💬 Discussion Feed

Leave a comment

Report Abuse / Security Issue