AI Analysis
Final verdict: SAFE
The package appears to be legitimate with low risks across various checks. However, the maintainer's account seems new or inactive, which requires further investigation.
- Low network and shell execution risks.
- No evident obfuscation or credential harvesting.
- Maintainer's account status is questionable.
Per-check LLM notes
- Network: No network calls detected, which is normal if the package does not require internet access.
- Shell: No shell execution patterns detected, indicating the package likely does not execute external commands.
- Obfuscation: The obfuscation pattern is likely for internal package management and does not indicate malicious activity.
- Credentials: No suspicious patterns for credential harvesting were detected.
- Metadata: The package has no suspicious links or git repository flags, but the maintainer's account seems new or inactive, which raises some concern.
Package Quality Overall: Low (4.0/10)
○ Low
Test Suite
1.0
No test suite detected
No test files or test-runner configuration detected
◈ Medium
Documentation
5.0
Some documentation present
Detailed PyPI description (1223 chars)
○ Low
Contributing Guide
4.0
No contributing guide or governance files found
Development Status classifier >= Beta
◈ Medium
Type Annotations
5.0
Partial type annotation coverage
Type checker (mypy / pyright / pytype) referenced in project
◈ Medium
Multiple Contributors
5.0
Limited contributor diversity
1 unique contributor(s) across 100 commits in aliyun/alibabacloud-python-sdkSingle author but highly active (100 commits)
Heuristic Checks
Outbound Network Calls
No suspicious network call patterns found
Code Obfuscation
score 2.0
Found 1 obfuscation pattern(s)
bacloud-python-sdk" VERSION = __import__(PACKAGE).__version__ REQUIRES = [ "darabonba-core>=1.0.0, <2.0.0
Shell / Subprocess Execution
No shell execution patterns detected
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: alibabacloud.com
Suspicious Page Links
score 2.0
Found 1 suspicious link(s) on the package page
Non-HTTPS external link: http://www.apache.org/licenses/LICENSE-2.0
Git Repository History
Repository aliyun/alibabacloud-python-sdk appears legitimate
Maintainer History
score 2.0
1 maintainer concern(s) found
Author "Alibaba Cloud SDK" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with alibabacloud-appstream-center20210901
Create a desktop application using Python and the 'alibabacloud-appstream-center20210901' package that serves as a streamlined interface for managing Alibaba Cloud AppStream Center resources. This application will allow users to perform actions such as listing available AppStream Centers, starting and stopping instances, and viewing detailed information about specific AppStream Centers. The application should include the following core functionalities: - User Authentication: Implement a secure login system that authenticates users based on their Alibaba Cloud credentials. - Resource Management: Provide an intuitive UI for listing all available AppStream Centers, allowing users to filter and sort these centers based on various criteria like region, instance type, etc. - Instance Control: Enable users to start, stop, and restart AppStream Center instances directly from the application. - Detailed View: Offer a feature to display comprehensive details of a selected AppStream Center, including its current state, associated tags, and other relevant metadata. To achieve these goals, you'll need to leverage the 'alibabacloud-appstream-center20210901' package to interact with the Alibaba Cloud API endpoints related to AppStream Center management. Ensure your implementation includes error handling and logging mechanisms to provide users with clear feedback and maintain application stability.