Package Metadata

Author: Theo Rieken
Email: —
PyPI: anomx
Python: >=3.11
Versions: 4 releases
First release: 29 May 2026, 07:23 UTC
Analysed: 07 Jun 2026, 04:42 UTC
Source files: 61 .py files scanned

Project Links

Classifiers

Development Status :: 2 - Pre-AlphaIntended Audience :: DevelopersIntended Audience :: Science/ResearchLicense :: OSI Approved :: Apache Software LicenseProgramming Language :: Python :: 3Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.13Topic :: Scientific/Engineering :: Artificial IntelligenceTopic :: Scientific/Engineering :: Information Analysis

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits high risks due to its use of shell=True and unexpected network calls, which could indicate potential malicious activities. However, there is no direct evidence of malicious intent, and it seems to be a typosquatting attempt targeting 'nox'.

High shell risk
Unexpected network calls
Potential typosquatting

Per-check LLM notes

Network: The package makes unexpected network calls to external APIs and localhost, which may indicate unauthorized data transmission or C2 activity.
Shell: Execution of commands via shell=True is risky and could allow arbitrary code execution, suggesting potential for malicious behavior.
Obfuscation: No obfuscation patterns detected, indicating low risk of malicious intent.
Credentials: No credential harvesting patterns detected, indicating secure handling of sensitive information.
Metadata: The low activity in the git repository and the maintainer's limited history suggest potential risks, but there is no clear evidence of malicious intent.
⚠ Typosquatting target: nox

📦 Package Quality Overall: Medium (5.2/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

Test runner config found: pyproject.toml

◈ Medium Documentation 5.0

Some documentation present

Detailed PyPI description (5961 chars)

○ Low Contributing Guide 2.0

No contributing guide or governance files found

No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found

◈ Medium Type Annotations 7.0

Partial type annotation coverage

Classifier: Typing :: Typed
Type checker (mypy / pyright / pytype) referenced in project
306 type-annotated function signatures detected in source

◈ Medium Multiple Contributors 6.0

Limited contributor diversity

2 unique contributor(s) across 11 commits in theorieken/anomx
Two distinct contributors found

🔬 Heuristic Checks

⚠ Outbound Network Calls score 7.5

Found 5 network call pattern(s)

onse | str: request = urllib.request.Request( "https://api.openai.com/v1/responses",
try: with urllib.request.urlopen(request, timeout=120) as response: f
onse | str: request = urllib.request.Request( endpoint, data=json.dumps(p
ing model") request = urllib.request.Request( "http://127.0.0.1:11434/api/chat",
try: with urllib.request.urlopen(request, timeout=120) as response: s

✓ Code Obfuscation

No obfuscation patterns detected

⚠ Shell / Subprocess Execution score 6.0

Found 3 shell execution pattern(s)

ss.Popen[str]: return subprocess.Popen( command, cwd=self.current_dir,
normalized, shell=True, long_running_callback=long_running_callback,
._open_subprocess(normalized, shell=True) parts = shlex.split(normalized) if not pa

✓ Credential Harvesting

No credential harvesting patterns detected

⚠ Typosquatting score 3.0

Possible typosquat of: nox

"anomx" is 2 edit(s) from "nox"

✓ Registered Email Domain

No author email provided

✓ Suspicious Page Links

All external links appear legitimate

⚠ Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

Repository has zero stars and zero forks

⚠ Maintainer History score 2.0

1 maintainer concern(s) found

Author "Theo Rieken" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with anomx

Create a web-based time series anomaly detection tool using the 'anomx' package. This tool should allow users to upload their time series data, select from different anomaly detection methods provided by 'anomx', and visualize the results. The application should include the following features:

1. User-friendly interface for uploading CSV files containing time series data.
2. Options to choose between different anomaly detection methods offered by 'anomx', such as forecasting-based, reconstruction-based, and representation-based approaches.
3. Real-time visualization of the original time series data alongside the detected anomalies.
4. Detailed report generation for each analysis, including statistical summaries and visualizations of anomalies.
5. Integration with popular data visualization libraries like Plotly or Matplotlib to enhance the visual presentation of the results.
6. Option to save the analysis results and reports for future reference.
7. Basic documentation and user guide explaining how to use the tool effectively.

The 'anomx' package will be utilized to handle the core anomaly detection logic. Users should be able to select specific algorithms from 'anomx' for their datasets, and the tool should process these selections to apply the chosen anomaly detection method. The output should then be displayed in a clean, understandable format, allowing users to quickly identify any unusual patterns in their data.

💬 Discussion Feed

No discussion yet. Be the first to share your thoughts!

🤖 AI Analysis

📦 Package Quality Overall: Medium (5.2/10)

🔬 Heuristic Checks

💡 AI App Starter Prompt

💬 Discussion Feed

Leave a comment

Report Abuse / Security Issue