api-tester-ai-mcp

v1.0.7 suspicious
4.0
Medium Risk

MCP server for api tester ai. Features send request, validate response, check headers. From MEOK AI Labs.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package is deemed suspicious due to its minimal maintainer history and low engagement in the git repository, despite showing no direct signs of malicious activity such as network, shell, or obfuscation risks.

  • Minimal maintainer history
  • Low engagement in the git repository
Per-check LLM notes
  • Network: The observed network calls are likely intended for testing API endpoints and checking service health, which aligns with the package's presumed functionality.
  • Shell: No shell execution patterns were detected.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package has minimal maintainer history and low engagement in the git repository, which raises some suspicion but not enough to conclusively determine it as malicious.

📦 Package Quality Overall: Low (4.8/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • 1 test file(s) detected (e.g. test_server.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (3667 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 17 type-annotated function signatures detected in source
◈ Medium Multiple Contributors 6.0

Limited contributor diversity

  • 2 unique contributor(s) across 48 commits in CSOAI-ORG/api-tester-ai-mcp
  • Two distinct contributors found

🔬 Heuristic Checks

Outbound Network Calls score 4.5

Found 3 network call pattern(s)

  • return response req = urllib.request.Request(url, method=method) for k, v in hdrs.items():
  • rt = time.time() with urllib.request.urlopen(req, timeout=timeout) as resp: elapsed =
  • try: resp = urllib.request.urlopen("http://localhost:8000/health", timeout=2)
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: meok.ai>

Suspicious Page Links

All external links appear legitimate

Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with api-tester-ai-mcp 
Create a mini-application called 'API Validator Pro' using the Python package 'api-tester-ai-mcp'. This application will serve as a user-friendly interface for testing APIs and validating their responses. Here are the key functionalities and steps to implement:

1. **User Interface**: Design a simple command-line interface (CLI) where users can input API details such as URL, method (GET, POST, etc.), headers, and body data.
2. **API Request Handling**: Utilize 'api-tester-ai-mcp' to handle sending requests to the specified API endpoints based on the user inputs. Ensure the package's features for sending requests are well-integrated.
3. **Response Validation**: Implement functionality within your application to automatically validate the API response against expected criteria (status codes, specific content in the response). Use 'api-tester-ai-mcp' for validating responses and checking headers.
4. **Custom Validation Rules**: Allow users to define custom validation rules for both the response content and headers. These rules should be flexible enough to support regular expressions, JSON path queries, and more.
5. **Report Generation**: After each test run, generate a report summarizing the results of the API tests including any errors or warnings encountered during the validation process. The report should be easily readable and exportable in formats like CSV or PDF.
6. **Test Suite Management**: Enable users to save sets of API tests into test suites which they can then run at any time. Each suite should be configurable and reusable.
7. **Logging and Error Handling**: Implement robust logging and error handling mechanisms to ensure that all operations are traceable and any issues are clearly communicated back to the user.

In summary, the 'API Validator Pro' application aims to streamline the process of testing and validating APIs through a combination of user-defined configurations and automated validation processes, leveraging the capabilities of the 'api-tester-ai-mcp' package.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!