anytimes

v1.0.0 safe
4.0
Medium Risk

PySide6-based interface for exploring and editing time-series data.

🤖 AI Analysis

Final verdict: SAFE

The package appears to be safe with no direct evidence of malicious intent. However, it has some unusual practices that require monitoring.

  • Subprocess execution with potential risks
  • Unusual use of eval and string concatenation
Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package requires external API interactions.
  • Shell: Subprocess execution may be necessary for certain functionalities, but requires scrutiny to ensure it's not being used maliciously.
  • Obfuscation: The use of eval and string concatenation is unusual but may be part of a legitimate implementation for dynamic function calls.
  • Credentials: No suspicious patterns indicating credential harvesting were detected.
  • Metadata: The package shows some signs of low maintenance and potential lack of community support, but there's no clear evidence of malicious intent.

📦 Package Quality Overall: Low (4.4/10)

✦ High Test Suite 9.0

Test suite present — 3 test file(s) found

  • 3 test file(s) detected (e.g. test_csv_loader.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (5525 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 236 type-annotated function signatures detected in source
○ Low Multiple Contributors 1.0

Could not retrieve contributor data from GitHub

  • GitHub API error: 404

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation score 6.0

Found 3 obfuscation pattern(s)

  • 'd') else: w = eval('np.' + window + '(window_len)') if mode == 'valid':
  • dow == 'kaiser': w = eval('np.' + window + '(window_len,alpha)') else: w
  • ha)') else: w = eval('np.' + window + '(window_len)') # calculate tapered
Shell / Subprocess Execution score 2.0

Found 1 shell execution pattern(s)

  • BACKEND", "Agg") subprocess.run(cmd, check=True, cwd=str(folders[0]), env=env)
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History score 3.0

Repository not found (deleted or private)

  • Repository not found (deleted or private)
Maintainer History score 4.0

2 maintainer concern(s) found

  • Author "AnyTimes Developers" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with anytimes 
Build a simple Python application using the anytimes package to demonstrate its core features.