ambertraceai

v0.6.0 safe
4.0
Medium Risk

Python SDK for the Ambertrace neurosymbolic AI platform API

🤖 AI Analysis

Final verdict: SAFE

The package appears to be a legitimate SDK for interacting with Ambertrace's API. It has minimal risk indicators, with only metadata suggesting some caution due to low activity and limited maintainer information.

  • Low network, shell, obfuscation, and credential risks
  • Moderate concern over repository activity and maintainer transparency
Per-check LLM notes
  • Network: The observed network patterns are typical for packages that perform HTTP requests, likely for API interactions or similar functionality.
  • Shell: No shell execution patterns were detected, indicating no immediate risk associated with executing arbitrary commands.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The repository's low activity and lack of maintainer information suggest potential risks, but no clear malicious intent is evident.

📦 Package Quality Overall: Medium (6.0/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • Test runner config found: pyproject.toml
◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://app.ambertrace.ai/openapi/redoc
  • Detailed PyPI description (6921 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 7.0

Partial type annotation coverage

  • Classifier: Typing :: Typed
  • 416 type-annotated function signatures detected in source
✦ High Multiple Contributors 8.0

Active multi-contributor project

  • 3 unique contributor(s) across 18 commits in Pilot-Generative-AI/ambertraceai-python
  • Small but multi-author team (3–4 contributors)

🔬 Heuristic Checks

Outbound Network Calls score 7.5

Found 5 network call pattern(s)

  • e: self._client = httpx.Client( base_url=self._base_url, co
  • context manager for internal httpx.Client (see httpx docs)""" self.get_httpx_client().__exit__(
  • self._async_client = httpx.AsyncClient( base_url=self._base_url, co
  • ontext manager for underlying httpx.AsyncClient (see httpx docs)""" await self.get_async_httpx_client
  • ) self._client = httpx.Client( base_url=self._base_url, co
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: ambertrace.ai>

Suspicious Page Links

All external links appear legitimate

Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with ambertraceai 
Build a simple Python application using the ambertraceai package to demonstrate its core features.