alix-graphql-mcp-read-tool

v0.1.0 suspicious
3.0
Low Risk

Read-only MCP tool for the Alix GraphQL API. Scopes every operation to an estate id; mutations and subscriptions are rejected.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits a moderate level of network activity and low maintenance efforts, raising concerns about its legitimacy and security. However, there is no evidence of direct malicious behavior.

  • Moderate network risk
  • Low maintenance and effort
Per-check LLM notes
  • Network: The presence of network calls suggests the tool may be communicating with an external API, which is not inherently malicious but requires further investigation to ensure it's legitimate and secure.
  • Shell: No shell execution patterns detected, indicating low risk for direct system command execution.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package shows low maintenance and effort signs, which raises some suspicion but does not conclusively indicate malicious intent.

📦 Package Quality Overall: Low (2.0/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected
○ Low Documentation 1.0

No documentation detected

  • No documentation URL, doc files, or meaningful description found
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 9 type-annotated function signatures (partial)
○ Low Multiple Contributors 1.0

Unable to verify contributor count: no GitHub repository found

  • No GitHub repository linked — contributor count unavailable

🔬 Heuristic Checks

Outbound Network Calls score 1.5

Found 1 network call pattern(s)

  • on": api_key, } with httpx.Client(timeout=timeout) as client: response = client.post(e
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 8.0

4 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with alix-graphql-mcp-read-tool 
Develop a fully-functional mini-application named 'EstateExplorer' using the Python package 'alix-graphql-mcp-read-tool'. This application will serve as a read-only interface to explore estates within the Alix GraphQL API environment. The primary goal of EstateExplorer is to allow users to query information about various estates, such as their details, associated properties, and other relevant data, while ensuring all operations are scoped to a specific estate ID. Here's a detailed breakdown of what your application should include:

1. **User Interface**: Create a simple yet intuitive command-line interface (CLI) for users to interact with the application. The CLI should accept user input to perform queries and display results.
2. **Authentication**: Implement a mechanism to authenticate users before they can access the estates data. This could involve providing a token or estate ID directly via the CLI.
3. **Query Operations**: Utilize the 'alix-graphql-mcp-read-tool' package to execute read-only queries on the Alix GraphQL API. Users should be able to fetch details such as estate names, property lists, owner information, and any other pertinent data points.
4. **Error Handling**: Ensure that your application gracefully handles errors, including invalid inputs, authentication failures, and network issues.
5. **Output Formatting**: Display the retrieved data in a readable format. Consider using pretty-printing libraries like 'json' or third-party tools to enhance the presentation of the data.
6. **Advanced Features** (Optional): To make the application more appealing, consider adding advanced features such as caching of frequently accessed estates to speed up subsequent queries, support for pagination when fetching large datasets, and the ability to export query results into CSV files for further analysis.

Your task is to write a complete Python script that integrates these functionalities, demonstrating how the 'alix-graphql-mcp-read-tool' package can be effectively utilized in a real-world scenario. Remember to document your code well and provide clear instructions on how to run the application.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!