AI Analysis
Final verdict: SUSPICIOUS
The package shows moderate risks due to its interaction with external services and the lack of a public git repository, raising concerns about its legitimacy.
- Moderate network risk due to external service interactions
- No public git repository found
Per-check LLM notes
- Network: The presence of network calls suggests the package interacts with external services, which is common but should be reviewed for legitimacy and necessity.
- Shell: No shell execution patterns were detected.
- Obfuscation: No obfuscation patterns detected, indicating low risk.
- Credentials: No credential harvesting patterns detected, indicating low risk.
- Metadata: The maintainer has only one package and the git repository is not found, which raises some suspicion but does not confirm malicious activity.
Package Quality Overall: Low (3.2/10)
○ Low
Test Suite
1.0
No test suite detected
No test files or test-runner configuration detected
◈ Medium
Documentation
5.0
Some documentation present
Detailed PyPI description (2416 chars)
○ Low
Contributing Guide
4.0
No contributing guide or governance files found
Development Status classifier >= Beta
◈ Medium
Type Annotations
5.0
Partial type annotation coverage
17 type-annotated function signatures detected in source
○ Low
Multiple Contributors
1.0
Could not retrieve contributor data from GitHub
GitHub API error: 404
Heuristic Checks
Outbound Network Calls
score 1.5
Found 1 network call pattern(s)
losed self._session = requests.Session() self._session.headers.update({ "Conten
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
No shell execution patterns detected
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: antarraksha.ai
Suspicious Page Links
All external links appear legitimate
Git Repository History
score 3.0
Repository not found (deleted or private)
Repository not found (deleted or private)
Maintainer History
score 2.0
1 maintainer concern(s) found
Author "Akash Kumar Dey" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with antarraksha-langchain
Build a simple Python application using the antarraksha-langchain package to demonstrate its core features.
💬 Discussion Feed
No discussion yet. Be the first to share your thoughts!
Report Abuse / Security Issue