AI Analysis
Final verdict: SUSPICIOUS
The package shows low risks in terms of network, shell execution, obfuscation, and credential harvesting. However, the low author engagement and metadata quality raise some concerns, making it suspicious.
- Low author engagement
- Poor metadata quality
Per-check LLM notes
- Network: No network calls detected, which is normal if the package does not require external communications.
- Shell: No shell execution patterns detected, indicating the package likely does not execute system commands.
- Obfuscation: No obfuscation patterns detected, indicating low risk.
- Credentials: No credential harvesting patterns detected, indicating low risk.
- Metadata: The package shows low author engagement and metadata quality, but lacks clear indicators of malicious intent.
Package Quality Overall: Low (2.2/10)
○ Low
Test Suite
1.0
No test suite detected
No test files or test-runner configuration detected
○ Low
Documentation
1.0
No documentation detected
No documentation URL, doc files, or meaningful description found
○ Low
Contributing Guide
2.0
No contributing guide or governance files found
No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
○ Low
Type Annotations
1.0
No type annotations detected
No type annotations, py.typed marker, or stub files detected
◈ Medium
Multiple Contributors
6.0
Limited contributor diversity
2 unique contributor(s) across 55 commits in kaiquebahmad/anycallTwo distinct contributors found
Heuristic Checks
Outbound Network Calls
No suspicious network call patterns found
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
No shell execution patterns detected
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
No author email provided
Suspicious Page Links
All external links appear legitimate
Git Repository History
Repository kaiquebahmad/anycall appears legitimate
Maintainer History
score 6.0
3 maintainer concern(s) found
Author name is missing or very shortAuthor "" appears to have only 1 package on PyPI (new or inactive account)Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with anycall-py
Develop a real-time communication platform using the 'anycall-py' library. This platform will enable users to send messages and files in real-time between multiple clients. The application should have the following functionalities: 1. User Authentication: Users must be able to sign up and log in to the platform. 2. Real-Time Messaging: Once logged in, users should be able to send text messages to each other in real-time. 3. File Sharing: In addition to text messaging, users should also be able to share files (such as images, documents, etc.) with each other. 4. Group Chats: Users should be able to create group chats and invite other users to join these groups. 5. Notifications: Users should receive notifications when they receive new messages or when someone sends them a file. 6. Offline Support: If a user is offline, the system should queue their messages and deliver them once they come back online. 7. Privacy Settings: Users should be able to set privacy settings for their profiles and chats, such as blocking specific users or making certain conversations private. To achieve these functionalities, you'll need to utilize the core features of the 'anycall-py' package, which includes setting up a connection between clients, handling real-time data exchange, and managing sessions efficiently. The package simplifies the process of establishing real-time communication channels, allowing developers to focus more on implementing additional features rather than dealing with low-level details of real-time communication.
💬 Discussion Feed
No discussion yet. Be the first to share your thoughts!
Report Abuse / Security Issue