amigpl

v2026.5.2 suspicious
4.0
Medium Risk

A simple CLI to help determine whether a package has copyleft dependencies

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows a moderate risk due to the potential misuse of subprocess.run for executing shell commands, despite no clear evidence of malicious activity or obfuscation.

  • Shell risk due to subprocess.run usage
  • No network calls or credentials handling detected
Per-check LLM notes
  • Network: No network calls detected, which is not necessarily suspicious.
  • Shell: The use of subprocess.run to execute shell commands could indicate legitimate functionality but requires further investigation to ensure it's not being used for malicious purposes.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.

📦 Package Quality Overall: Low (4.4/10)

✦ High Test Suite 9.0

Test suite present — 8 test file(s) found

  • 8 test file(s) detected (e.g. _fakes.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (6012 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 45 type-annotated function signatures detected in source
○ Low Multiple Contributors 1.0

Could not retrieve contributor data from GitHub

  • GitHub API error: 404

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 2.0

Found 1 shell execution pattern(s)

  • aryFile() as tmpfile: subprocess.run( ["uv", "export", "--frozen", "--no-header", "--
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: grayvines.com

Suspicious Page Links

All external links appear legitimate

Git Repository History score 3.0

Repository not found (deleted or private)

  • Repository not found (deleted or private)
Maintainer History score 6.0

3 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with amigpl
Your task is to create a Python-based utility named 'DependChecker' that leverages the 'amigpl' package to analyze Python projects and identify any copyleft dependencies within them. This tool will be particularly useful for developers who want to ensure their projects comply with open-source licenses.

### Core Functionality:
- **Project Analysis:** Users should be able to input the path of a Python project directory. The tool will then scan the project's requirements.txt file (or similar dependency files) and use the 'amigpl' package to check each listed dependency for copyleft licensing.
- **Dependency Reporting:** The utility should generate a report listing all dependencies found in the project along with their license types. Specifically, it should highlight any dependencies that have copyleft licenses.
- **User Interface:** Implement a simple command-line interface (CLI) where users can specify the project directory path as an argument when running the utility.

### Additional Features:
- **Automated Scanning:** Extend the utility to automatically detect and include any additional dependency files (e.g., setup.py, Pipfile) if present in the project directory.
- **License Compliance Check:** For each identified copyleft dependency, provide a brief explanation of what copyleft means and suggest actions developers might take to comply with these licenses.
- **Interactive Mode:** Offer an interactive mode where users can enter dependency names directly into the CLI to check individual packages.

### How to Use 'amigpl':
- Integrate 'amigpl' into your utility to perform the checks on each dependency. This package will likely provide functions or methods that you can call to determine the licensing type of a given package.
- Ensure you handle any exceptions or errors gracefully, providing meaningful feedback to the user if something goes wrong during the analysis process.
