alibabacloud-ens20171110

v11.1.4 suspicious
4.0
Medium Risk

Alibaba Cloud edge node service (20171110) SDK Library for Python

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows some unusual obfuscation patterns and has metadata risks, though no clear signs of malicious activity or credential harvesting have been found.

  • Unusual obfuscation pattern
  • Non-HTTPS link in metadata
Per-check LLM notes
  • Obfuscation: The obfuscation pattern is unusual but does not clearly indicate malicious intent; it may be an unconventional way to handle version imports.
  • Credentials: No evidence of credential harvesting patterns detected.
  • Metadata: The maintainer has only one package and there's a non-HTTPS link, but no other suspicious activities are detected.

📦 Package Quality Overall: Low (4.4/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (1171 chars)
○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
◈ Medium Type Annotations 7.0

Partial type annotation coverage

  • Type checker (mypy / pyright / pytype) referenced in project
  • 164 type-annotated function signatures detected in source
◈ Medium Multiple Contributors 5.0

Limited contributor diversity

  • 1 unique contributor(s) across 100 commits in aliyun/alibabacloud-python-sdk
  • Single author but highly active (100 commits)

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation score 2.0

Found 1 obfuscation pattern(s)

  • bacloud-python-sdk" VERSION = __import__(PACKAGE).__version__ REQUIRES = [ "darabonba-core>=1.0.0, <2.0.0
Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: alibabacloud.com

Suspicious Page Links score 2.0

Found 1 suspicious link(s) on the package page

  • Non-HTTPS external link: http://www.apache.org/licenses/LICENSE-2.0
Git Repository History

Repository aliyun/alibabacloud-python-sdk appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Alibaba Cloud SDK" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with alibabacloud-ens20171110 
Create a Python-based command-line tool named 'EdgeNodeManager' that leverages the 'alibabacloud-ens20171110' package to manage Alibaba Cloud Edge Node Service resources. This tool should provide functionalities such as listing all available edge nodes, deploying applications to specific edge nodes, and monitoring the health status of deployed applications. Additionally, include features to create and delete edge nodes, and configure network settings for edge nodes. Your application should also support authentication through Alibaba Cloud Access Keys and utilize error handling to ensure smooth operation. Provide detailed documentation on how to install and use the tool, including examples of common tasks. Ensure your code is well-commented and follows best practices for Python development.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!