Package Metadata

Author: —
Email: deepset GmbH <[email protected]>
PyPI: amazon-bedrock-haystack
Python: >=3.10
Versions: 76 releases
First release: 03 Jan 2024, 13:31 UTC
Analysed: 07 Jun 2026, 01:07 UTC
Source files: 27 .py files scanned

Project Links

Classifiers

Development Status :: 4 - BetaLicense :: OSI Approved :: Apache Software LicenseProgramming Language :: PythonProgramming Language :: Python :: 3.10Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.13Programming Language :: Python :: 3.14Programming Language :: Python :: Implementation :: CPythonProgramming Language :: Python :: Implementation :: PyPy

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits moderate risk due to potential credential exposure and some level of obfuscation, suggesting it may have underlying issues that need further investigation.

Credential risk 7/10 due to environment variable access for AWS credentials
Obfuscation risk 5/10 due to base64 decoding of file contents

Per-check LLM notes

Network: No network calls detected, which is normal if the package does not require external API interactions.
Shell: No shell execution patterns detected, indicating the package likely does not execute system commands.
Obfuscation: Base64 decoding of file contents may indicate an attempt to conceal code or data, but could also be legitimate for various purposes such as data transmission.
Credentials: Environment variable access for AWS credentials suggests potential exposure to unauthorized access risks, especially if not properly secured or validated.
Metadata: The author information is sparse and the maintainer has a single package, which could indicate a less experienced or potentially suspicious user.

📦 Package Quality Overall: Medium (7.0/10)

✦ High Test Suite 9.0

Test suite present — 13 test file(s) found

Test runner config found: conftest.py
Test runner config found: pyproject.toml
13 test file(s) detected (e.g. __init__.py)

◈ Medium Documentation 7.0

Some documentation present

Documentation URL: "Documentation" -> https://github.com/deepset-ai/haystack-core-integrations/tre
Detailed PyPI description (934 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

Development Status classifier >= Beta

◈ Medium Type Annotations 5.0

Partial type annotation coverage

52 type-annotated function signatures detected in source

✦ High Multiple Contributors 10.0

Active multi-contributor project

16 unique contributor(s) across 100 commits in deepset-ai/haystack-core-integrations
Active community — 5 or more distinct contributors

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

⚠ Code Obfuscation score 10.0

Found 5 obfuscation pattern(s)

"source": {"bytes": base64.b64decode(file_content.base64_data)}, "name": "samplep
"source": {"bytes": base64.b64decode(file_content.base64_data)}, "name": "filenam
"source": {"bytes": base64.b64decode(file_content.base64_data)}, } } def
"source": {"bytes": base64.b64decode(base64_image)}, }
"source": {"bytes": base64.b64decode(base64_image)}, } },

✓ Shell / Subprocess Execution

No shell execution patterns detected

⚠ Credential Harvesting score 10.0

Found 6 credential access pattern(s)

variables aws_profile_name = os.environ.get("AWS_PROFILE") or "default" aws_region_name = os.environ.get("AWS
r "default" aws_region_name = os.environ.get("AWS_DEFAULT_REGION") or "eu-central-1" # Initialize the AmazonBe
r None endpoint_url = os.getenv("AWS_ENDPOINT_URL") or None return cls( s3_bu
test.mark.skipif( not os.getenv("AWS_BEDROCK_GUARDRAIL_ID") or not os.getenv("AWS_BEDROCK_GUARDRA
BEDROCK_GUARDRAIL_ID") or not os.getenv("AWS_BEDROCK_GUARDRAIL_VERSION"), reason=( "E
"guardrailIdentifier": os.getenv("AWS_BEDROCK_GUARDRAIL_ID"), "guardrailVersion":

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: deepset.ai>

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository deepset-ai/haystack-core-integrations appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with amazon-bedrock-haystack

Create a document management system that integrates AWS S3 and Bedrock services using the 'amazon-bedrock-haystack' Python package. This system will enable users to upload documents to an S3 bucket, generate summaries and key points from those documents using Bedrock's capabilities, and provide a searchable database of these summaries and key points. The application should have the following functionalities:

1. User Authentication: Implement user authentication to ensure only authorized users can access the system.
2. Document Upload: Allow users to upload various types of documents (PDFs, Word documents, etc.) to the S3 bucket.
3. Document Processing: Utilize 'amazon-bedrock-haystack' to process uploaded documents, generating summaries and extracting key points.
4. Searchable Database: Create a searchable database where users can search for documents based on their summaries and extracted key points.
5. Document Viewing: Provide functionality for users to view the original documents stored in the S3 bucket.
6. Summary Display: Display the generated summaries and key points alongside the original documents.
7. Notifications: Send email notifications to users when their document processing is complete.

The 'amazon-bedrock-haystack' package will be used to handle the downloading of documents from S3 and generating summaries and key points using Bedrock's natural language processing capabilities. Users should be able to interact with the system through a web interface built using Flask or Django, and all interactions with AWS services should be managed securely.