anek

v0.1.0 suspicious
4.0
Medium Risk

Persona-based testing framework for AI agents

πŸ€– AI Analysis

Final verdict: SUSPICIOUS

The package exhibits some concerning metadata issues and network risks, though it does not show signs of immediate malicious activity.

  • Missing repository and author details
  • HTTP requests to external URLs
Per-check LLM notes
  • Network: The package makes HTTP requests to external URLs, which is common for fetching data or updating information but could be used for unintended purposes if the URLs are controlled by an adversary.
  • Shell: No shell execution patterns were detected in the provided code snippet.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package shows several red flags including a missing repository and author details, as well as non-secure links.

πŸ“¦ Package Quality Overall: Low (3.8/10)

β—ˆ Medium Test Suite 6.0

Partial test coverage signals detected

  • Test runner config found: pyproject.toml
β—ˆ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (9671 chars)
β—‹ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
β—ˆ Medium Type Annotations 5.0

Partial type annotation coverage

  • 39 type-annotated function signatures detected in source
β—‹ Low Multiple Contributors 1.0

Could not retrieve contributor data from GitHub

  • GitHub API error: 404

πŸ”¬ Heuristic Checks

⚠ Outbound Network Calls score 3.0

Found 2 network call pattern(s)

  • ._sessions[conversation_id] = httpx.Client( headers=self.headers, timeo
  • try: r = httpx.get(url, timeout=5.0) return r.status_code < 500
βœ“ Code Obfuscation

No obfuscation patterns detected

βœ“ Shell / Subprocess Execution

No shell execution patterns detected

βœ“ Credential Harvesting

No credential harvesting patterns detected

βœ“ Typosquatting

No typosquatting candidates detected

βœ“ Registered Email Domain

Email domain looks legitimate: gmail.com

⚠ Suspicious Page Links score 4.0

Found 2 suspicious link(s) on the package page

  • Non-HTTPS external link: http://myagent.com/chat
  • Non-HTTPS external link: http://...
⚠ Git Repository History score 3.0

Repository not found (deleted or private)

  • Repository not found (deleted or private)
⚠ Maintainer History score 6.0

3 maintainer concern(s) found

  • Only one version has ever been released β€” brand new package
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
βœ“ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

πŸ’‘ AI App Starter Prompt

Use this prompt to build a project with anek 
Develop a persona-driven AI agent testing utility using the 'anek' package in Python. This utility will allow users to create and manage multiple personas, each representing a distinct user or role within a simulated environment. Users will define scenarios and tasks for these personas to perform, and the utility will evaluate the performance of AI agents against these scenarios based on predefined criteria. Here’s a detailed outline of the project:

1. **Setup**: Begin by installing the 'anek' package and setting up your Python environment.
2. **Persona Creation**: Implement functionality for users to define personas. Each persona should have attributes such as name, role, preferences, and constraints.
3. **Scenario Definition**: Allow users to specify scenarios where personas interact with AI agents. Scenarios should include conditions, objectives, and expected outcomes.
4. **AI Agent Integration**: Integrate support for various AI agents. Users should be able to connect their AI models or use pre-defined ones provided by the 'anek' package.
5. **Testing and Evaluation**: Use 'anek' to run tests where AI agents interact with personas according to the defined scenarios. Collect metrics on performance, accuracy, and efficiency.
6. **Reporting**: Generate comprehensive reports summarizing the test results, highlighting strengths and weaknesses of the AI agents.
7. **User Interface**: Develop a simple command-line interface (CLI) for ease of use. Consider adding basic visualization tools for report data if time allows.

Utilize the 'anek' package to handle persona management, scenario execution, and evaluation processes. Ensure the application is modular and scalable, allowing for easy addition of new personas, scenarios, and AI agents.

πŸ’¬ Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!