amsdal-glue-core

v0.1.11 safe
4.0
Medium Risk

AMSDAL Glue is a Python interface providing high-level abstraction for interacting with multiple databases simultaneously, simplifying the development and maintenance process.

🤖 AI Analysis

Final verdict: SAFE

The package shows low risks across most categories with no network calls, shell executions, or credentials issues. The obfuscation risk due to pickle usage is notable but not conclusive without additional context.

  • No network calls detected
  • No shell execution detected
  • Potential code injection risk from pickle.loads usage
  • Maintainer metadata incomplete
Per-check LLM notes
  • Network: No network calls detected, which is normal if the package does not require external communications.
  • Shell: No shell execution patterns detected, indicating the package does not execute system commands.
  • Obfuscation: The use of pickle.loads without context suggests potential for code injection, but could be legitimate in certain scenarios.
  • Credentials: No clear evidence of credential harvesting patterns detected.
  • Metadata: The maintainer's author name is missing and the account seems new or inactive, raising some concerns but not definitive evidence of malice.

📦 Package Quality Overall: Medium (6.4/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • Test runner config found: pyproject.toml
◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://github.com/amsdal/amsdal-glue?tab=readme-ov-file#ams
  • Brief PyPI description (432 chars)
○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 117 type-annotated function signatures detected in source
✦ High Multiple Contributors 10.0

Active multi-contributor project

  • 5 unique contributor(s) across 100 commits in amsdal/amsdal-glue
  • Active community — 5 or more distinct contributors

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation score 2.0

Found 1 obfuscation pattern(s)

  • ytes) -> None: data = pickle.loads(state) # noqa: S301 cls._root_managers._providers =
Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository amsdal/amsdal-glue appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with amsdal-glue-core 
Create a multi-database synchronization tool named 'SyncMaster' using the 'amdal-glue-core' Python package. This tool will allow users to easily synchronize data across different types of databases such as MySQL, PostgreSQL, and SQLite. The application should have a simple command-line interface where users can specify source and target databases, tables, and fields to synchronize. Additionally, it should support incremental synchronization based on timestamps or version numbers. Users should also be able to define custom transformation scripts for data before it's written to the target database. Finally, the tool should provide logging and error handling mechanisms to ensure reliable operation. Use the 'amdal-glue-core' package to abstract away the complexities of interacting with multiple database systems, making the development process smoother and more maintainable.