anexus-sdk

v0.3.0 suspicious
4.0
Medium Risk

Anexus Auth Codes SDK — one-time verification codes for AI agents

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows some signs of potential risk due to its newness and limited maintainer history, despite having low risks in areas like network calls, shell execution, obfuscation, and credential handling.

  • Metadata risk due to new package and limited maintainer history
  • Moderate network risk requiring further investigation into endpoint legitimacy

Per-check LLM notes

  • Network: Network calls are expected for SDKs to communicate with services, but further investigation is needed to ensure legitimacy of endpoints and data handled.
  • Shell: No shell execution patterns detected, which is normal unless the package's functionality requires it.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package appears to be new and the maintainer has limited history, which raises some suspicion but does not conclusively indicate malice.

📦 Package Quality Overall: Low (4.4/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected

◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://github.com/Marsssssssssssdsss/nexus6-sdk
  • Detailed PyPI description (9589 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta

◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 24 type-annotated function signatures detected in source

◈ Medium Multiple Contributors 5.0

Limited contributor diversity

  • 1 unique contributor(s) across 100 commits in Marsssssssssssdsss/nexus6-sdk
  • Single author but highly active (100 commits)

🔬 Heuristic Checks

Outbound Network Calls score 6.0

Found 4 network call pattern(s)

  • try: with httpx.Client(timeout=10) as http: resp = http.post(f"{sel
  • try: with httpx.Client(timeout=10) as http: poll_resp = http.po
  • try: with httpx.Client(timeout=30) as http: if method.upper() == "G
  • try: with httpx.Client(timeout=10) as http: resp = http.post(

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository Marsssssssssssdsss/nexus6-sdk appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author "Anexus" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with anexus-sdk

Create a mini-application called 'VerifyMe' that leverages the 'anexus-sdk' package to generate, send, and verify one-time verification codes for users. This application will serve as a simple yet robust solution for adding an extra layer of security to user accounts by requiring a one-time code upon login or registration. Here’s a detailed plan on how to proceed:

1. **Setup**: Begin by installing the 'anexus-sdk' package via pip. Ensure your development environment is set up with Python 3.8 or later.
2. **User Interface**: Design a basic command-line interface (CLI) or a simple web-based UI using Flask or Django. The choice depends on whether you prefer a CLI tool or a web application.
3. **Code Generation & Sending**: Utilize the 'anexus-sdk' to generate unique one-time verification codes. These codes should be sent to the user's email or phone number via SMS or email services like SMTP or Twilio.
4. **Verification Process**: Implement a mechanism within 'VerifyMe' where users can input the received code for verification. This step ensures that only the intended recipient can access the account.
5. **Security Enhancements**: Consider integrating additional security measures such as throttling attempts after multiple failed verifications or implementing CAPTCHA to prevent automated attacks.
6. **Logging & Reporting**: Set up logging for successful and failed verification attempts. This data can be useful for monitoring and improving security practices.
7. **Testing**: Thoroughly test 'VerifyMe' by simulating various scenarios including valid and invalid inputs, network failures, and security breaches.
8. **Documentation**: Write clear documentation on how to use 'VerifyMe', including setup instructions, API references, and examples.

Suggested Features:
- Support for both email and SMS verification methods.
- User-friendly error messages for common issues like invalid codes or expired codes.
- Optional integration with popular email and SMS providers for ease of use.
- Detailed logging with timestamps for each verification attempt.
- A configurable cooldown period for repeated failed attempts to prevent brute force attacks.

By following these steps and incorporating the suggested features, 'VerifyMe' will not only demonstrate the power of 'anexus-sdk' but also provide a practical tool for enhancing user security.