AI Analysis
The package exhibits moderate risk due to potential obfuscation techniques and an insecure external link in its metadata. Further investigation is warranted.
- Use of __import__ suggests possible code obfuscation.
- Non-HTTPS external link in metadata poses a potential security risk.
Per-check LLM notes
- Network: No network calls detected, which is normal unless the package's functionality requires external API interactions.
- Shell: No shell execution detected, which is typical and indicates the package does not execute system commands.
- Obfuscation: The use of __import__ to dynamically import the version from another module suggests obfuscation but may also be a legitimate coding practice for certain scenarios.
- Credentials: No clear patterns indicating credential harvesting were detected.
- Metadata: The author has only one package, and there's a non-HTTPS external link which may pose security risks.
Package Quality Overall: Low (4.2/10)
No test suite detected
No test files or test-runner configuration detected
Some documentation present
Detailed PyPI description (1002 chars)
No contributing guide or governance files found
Development Status classifier >= Beta
Partial type annotation coverage
Type checker (mypy / pyright / pytype) referenced in project
Limited contributor diversity
2 unique contributor(s) across 100 commits in alipay/antchain-openapi-prod-sdk
Two distinct contributors found
Heuristic Checks
No suspicious network call patterns found
Found 1 obfuscation pattern(s)
n-openapi-prod-sdk" VERSION = __import__(PACKAGE).__version__ REQUIRES = [ "antchain_alipay_util>=1.0.1,
No shell execution patterns detected
No credential harvesting patterns detected
No typosquatting candidates detected
Email domain looks legitimate: alibabacloud.com
Found 1 suspicious link(s) on the package page
Non-HTTPS external link: http://www.apache.org/licenses/LICENSE-2.0
Repository alipay/antchain-openapi-prod-sdk appears legitimate
1 maintainer concern(s) found
Author "Ant Chain SDK" appears to have only 1 package on PyPI (new or inactive account)
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Your task is to develop a user verification mini-app using the 'antchain-realperson' Python package. This app will serve as a tool for businesses to quickly verify the identity of their users through real-person authentication services provided by Ant Chain. Here's a detailed guide on how to approach this project:
1. **Project Overview**: Your mini-app should allow users to input basic personal information such as name, ID number, and phone number. Upon submission, the app will use the 'antchain-realperson' package to perform real-person verification.
2. **Features**:
   - User Input Form: Design a simple form where users can enter their personal details.
   - Real-Person Verification: Utilize the 'antchain-realperson' package to validate if the entered details correspond to a real person.
   - Feedback Mechanism: Display whether the verification was successful or not, along with any relevant messages.
3. **Implementation Steps**:
   - Set up your development environment with Python and install the 'antchain-realperson' package.
   - Create a user interface (you can use Flask or Django for web-based applications).
   - Implement the form submission logic which triggers the real-person verification process using the 'antchain-realperson' API.
   - Handle responses from the 'antchain-realperson' service and display appropriate feedback to the user.
4. **Additional Enhancements** (optional):
   - Add a feature to send a verification code to the user's phone number for additional security.
   - Include error handling for common issues like network errors or invalid inputs.
   - Provide a history log of verification attempts for each user.
5. **Testing**: Ensure you test your application thoroughly under various scenarios, including successful verifications, failed verifications due to incorrect data, and edge cases.
6. **Deployment**: Consider deploying your mini-app on a cloud platform like AWS, Azure, or Alibaba Cloud for easy access.
This project aims to demonstrate the power of real-person verification in enhancing user authentication processes, making it easier for businesses to trust their users.