altiplano

v0.2.2 suspicious
4.0
Medium Risk

Minimal MCP server for Vikunja (server-side filtering, no fluff)

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package has low risks associated with network calls, shell execution, obfuscation, and credential harvesting. However, the metadata risk score is elevated due to recent and rapid commit activity, suggesting potential suspicious behavior.

  • Elevated metadata risk due to recent repository creation and rapid commits
  • Low risks in other categories
Per-check LLM notes
  • Network: The presence of network calls is not inherently suspicious but should be assessed against the package's intended functionality.
  • Shell: No shell execution patterns were detected.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The repository was created very recently and all commits happened within a short period, indicating potential suspicious activity.

📦 Package Quality Overall: Low (3.4/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (3187 chars)
○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 18 type-annotated function signatures detected in source
○ Low Multiple Contributors 2.0

Single-author or unverifiable project

  • 1 unique contributor(s) across 6 commits in aichholzer/altiplano
  • Single author with few commits — possibly a personal or throwaway project

🔬 Heuristic Checks

Outbound Network Calls score 1.5

Found 1 network call pattern(s)

  • : Any) -> Any: async with httpx.AsyncClient(base_url=_base(), headers=_headers(), timeout=30) as client:
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History score 5.0

Git history flags: Repository created very recently: 6 day(s) ago (2026-06-01T02:00:19Z)

  • Repository created very recently: 6 day(s) ago (2026-06-01T02:00:19Z)
  • All 6 commits happened within 24 hours
Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with altiplano 
Create a minimalist task management system using the 'altiplano' Python package, which serves as a Minimal Message Passing (MCP) server for Vikunja. This system will allow users to manage tasks through a command-line interface (CLI). The application should leverage 'altiplano' for efficient server-side task filtering without unnecessary overhead.

**Steps to Build the Application:**
1. **Setup Environment**: Begin by setting up a virtual environment for your Python project. Install the required packages including 'altiplano'. Ensure all dependencies are listed in a `requirements.txt` file.
2. **Define Core Features**: The main functionality of the app should include adding new tasks, marking tasks as completed, deleting tasks, and listing tasks. Each task should have a title, description, due date, and status (active/completed).
3. **Implement Server-Side Filtering**: Utilize 'altiplano' to implement server-side filtering capabilities. Users should be able to filter tasks based on their status (e.g., show only active tasks), and due dates (e.g., tasks due today).
4. **Design the CLI Interface**: Develop a user-friendly CLI interface where users can interact with the system using simple commands. For example, `add`, `list`, `complete`, `delete`, and `filter`.
5. **Testing**: Write unit tests to ensure each feature works as expected. Test different scenarios such as adding tasks, filtering them, and ensuring the filtering logic implemented with 'altiplano' works correctly.
6. **Documentation**: Provide clear documentation on how to set up the environment, install the application, and use its features.
7. **Deployment**: Package the application for deployment. Consider using Docker for easy distribution.

**Suggested Features**:
- Support for recurring tasks.
- Integration with a calendar API to sync due dates.
- Export/import functionality to save/load tasks from/to a file.
- User authentication to manage multiple user accounts.

By following these steps and incorporating the 'altiplano' package effectively, you'll create a robust, minimalistic task management system tailored for efficiency and simplicity.