Package Metadata

Author: —
Email: Aajil Labs <[email protected]>
PyPI: apii
Python: >=3.10
Versions: 5 releases
First release: 30 May 2026, 09:17 UTC
Analysed: 07 Jun 2026, 08:24 UTC
Source files: 61 .py files scanned

Project Links

Classifiers

Development Status :: 4 - BetaIntended Audience :: DevelopersLicense :: OSI Approved :: Apache Software LicenseLicense :: OSI Approved :: MIT LicenseNatural Language :: ArabicNatural Language :: EnglishOperating System :: OS IndependentProgramming Language :: Python :: 3Programming Language :: Python :: 3.10Programming Language :: Python :: 3.11

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits several red flags including a high metadata risk score due to suspicious repository and maintainer history, and a typosquatting attempt targeting 'pip'. These factors, combined with moderate risks from network and obfuscation activities, suggest potential malicious intent.

High metadata risk
Typosquatting attempt
Moderate network and obfuscation risks

Per-check LLM notes

Network: The package makes network calls which could be legitimate API interactions but may also indicate potential data exfiltration or C2 activity.
Shell: No shell execution patterns detected, indicating low risk of direct system command execution.
Obfuscation: Base64 decoding is commonly used for data encoding and may not necessarily indicate malicious activity, but it could be used to hide code or data.
Credentials: No clear patterns of credential harvesting detected.
Metadata: Suspicious activity around the git repository and maintainer history suggests potential malicious intent.
⚠ Typosquatting target: pip

📦 Package Quality Overall: Medium (5.4/10)

✦ High Test Suite 9.0

Test suite present — 11 test file(s) found

Test runner config found: pyproject.toml
11 test file(s) detected (e.g. build_gold.py)

◈ Medium Documentation 5.0

Some documentation present

Detailed PyPI description (13356 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

Development Status classifier >= Beta

◈ Medium Type Annotations 7.0

Partial type annotation coverage

Type checker (mypy / pyright / pytype) referenced in project
255 type-annotated function signatures detected in source

○ Low Multiple Contributors 2.0

Single-author or unverifiable project

1 unique contributor(s) across 3 commits in Aajil-Labs/arabic-pii-py
Single author with few commits — possibly a personal or throwaway project

🔬 Heuristic Checks

⚠ Outbound Network Calls score 4.5

Found 3 network call pattern(s)

n.read() try: r = httpx.post(url, params={"client": client}, content=event,
tream: async with httpx.AsyncClient(timeout=600) as client: up = await client.po
zer(a) async with httpx.AsyncClient(timeout=600) as client: async with client.st

⚠ Code Obfuscation score 2.0

Found 1 obfuscation pattern(s)

file": data = base64.b64decode(req.get("b64", "")) name = req.get("name", "

✓ Shell / Subprocess Execution

No shell execution patterns detected

✓ Credential Harvesting

No credential harvesting patterns detected

⚠ Typosquatting score 3.0

Possible typosquat of: pip

"apii" is 2 edit(s) from "pip"

✓ Registered Email Domain

Email domain looks legitimate: aajil.sa>

⚠ Suspicious Page Links score 4.0

Found 2 suspicious link(s) on the package page

Non-HTTPS external link: http://127.0.0.1:8720
Non-HTTPS external link: http://127.0.0.1:8720/v1`

⚠ Git Repository History score 5.0

Git history flags: Single contributor with only 3 commit(s) — possibly throwaway account

Single contributor with only 3 commit(s) — possibly throwaway account
All 3 commits happened within 24 hours

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with apii

Develop a privacy-focused Arabic text analysis tool using the 'apii' package. This tool will be designed to help organizations and individuals ensure compliance with data protection regulations by accurately identifying and handling Personally Identifiable Information (PII) within Arabic texts. The application should be able to perform the following tasks:

1. **Arabic Text Input**: Allow users to input Arabic text either through a file upload or direct text entry.
2. **PII Detection**: Utilize the 'apii' package to detect PII elements such as names, phone numbers, email addresses, and other sensitive information within the text.
3. **Tokenization**: Implement tokenization of the detected PII elements to anonymize them while preserving the structure and readability of the text.
4. **Streaming-Interception Gateway**: For advanced use cases, implement a feature where the tool acts as a gateway for real-time text streams, intercepting and processing incoming Arabic text to automatically redact PII before it reaches its destination.
5. **User Interface**: Develop a simple, intuitive web interface using Flask or Django, allowing users to interact with the tool seamlessly.
6. **Reporting and Alerts**: Provide a mechanism for generating reports on detected PII and sending alerts via email or SMS if certain types of PII are found.
7. **Customization Options**: Offer users the ability to customize which types of PII they wish to detect and how they want these elements handled (e.g., anonymized, redacted).
8. **Integration with External Services**: Allow integration with external services for additional functionality, such as sending alerts to a Slack channel or logging detected PII into a database.

The 'apii' package will be crucial for the PII detection and tokenization functionalities. Ensure that your implementation leverages the package's capabilities effectively to provide accurate and reliable results. Additionally, consider incorporating best practices for data security and privacy throughout the development process.