amc-data-gate

v1.0.2 suspicious
4.0
Medium Risk

AMC Data Access SDK with AES encrypted SQL and Arrow responses

πŸ€– AI Analysis

Final verdict: SUSPICIOUS

The package appears to function as intended with low risks associated with network, shell execution, and credential handling. However, the missing repository and the maintainer having only one package contribute to a moderate metadata risk, making the overall package suspicious.

  • Missing repository
  • Maintainer has only one package
Per-check LLM notes
  • Network: The observed network calls appear to be standard API interactions, likely for data gate functionality as suggested by the package name.
  • Shell: No shell execution patterns were detected.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The repository is not found and the maintainer has only one package, which raises some suspicion but does not conclusively indicate malice.

πŸ“¦ Package Quality Overall: Low (3.2/10)

β—‹ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected
β—ˆ Medium Documentation 5.0

Some documentation present

  • Brief PyPI description (351 chars)
β—‹ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
β—ˆ Medium Type Annotations 5.0

Partial type annotation coverage

  • 7 type-annotated function signatures (partial)
β—‹ Low Multiple Contributors 1.0

Could not retrieve contributor data from GitHub

  • GitHub API error: 404

πŸ”¬ Heuristic Checks

⚠ Outbound Network Calls score 6.0

Found 4 network call pattern(s)

  • try: resp = requests.post(url, json=payload, timeout=self.token_timeout)
  • ζ—ΆοΌŒι…εˆζ€»θΆ…ζ—Άδ½Ώη”¨ return requests.post(url, json=payload, headers=headers, timeout=self.timeout)
  • try: resp = requests.post(url, json=payload, headers=headers, timeout=self.timeout)
  • try: resp = requests.post(url, json=payload, headers=headers, timeout=self.timeout)
βœ“ Code Obfuscation

No obfuscation patterns detected

βœ“ Shell / Subprocess Execution

No shell execution patterns detected

βœ“ Credential Harvesting

No credential harvesting patterns detected

βœ“ Typosquatting

No typosquatting candidates detected

βœ“ Registered Email Domain

Email domain looks legitimate: citicsf.com

βœ“ Suspicious Page Links

All external links appear legitimate

⚠ Git Repository History score 3.0

Repository not found (deleted or private)

  • Repository not found (deleted or private)
⚠ Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "AMC Tech Team" appears to have only 1 package on PyPI (new or inactive account)
βœ“ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

πŸ’‘ AI App Starter Prompt

Use this prompt to build a project with amc-data-gate 
Build a simple Python application using the amc-data-gate package to demonstrate its core features.

πŸ’¬ Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!