apikeys-platform

v0.2.0 suspicious
6.0
Medium Risk

Async SDK for issuing and validating scoped API keys

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows no signs of obfuscation or credential harvesting, but the metadata suggests recent suspicious activity with all commits happening within 24 hours.

  • Low obfuscation risk
  • Low credential risk
  • High metadata risk due to recent repository creation and rapid commits
Per-check LLM notes
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The repository was created very recently with all commits happening within 24 hours, indicating possible suspicious activity.

📦 Package Quality Overall: Low (4.0/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • Test runner config found: pyproject.toml
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (9560 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 44 type-annotated function signatures detected in source
○ Low Multiple Contributors 2.0

Single-author or unverifiable project

  • 1 unique contributor(s) across 5 commits in AKSHILMY/api-project
  • Single author with few commits — possibly a personal or throwaway project

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History score 7.5

Git history flags: Repository created very recently: 5 day(s) ago (2026-06-02T19:15:26Z)

  • Repository created very recently: 5 day(s) ago (2026-06-02T19:15:26Z)
  • Repository has zero stars and zero forks
  • All 5 commits happened within 24 hours
Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "AKSHILMY" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with apikeys-platform 
Create a secure access control system for a fictional online library using the 'apikeys-platform' Python package. This system will manage user authentication and authorization for accessing different sections of the library's digital content. Here are the steps and features to include:

1. **Setup**: Initialize your project with Flask as the web framework. Ensure you have 'apikeys-platform' installed.
2. **User Registration & Login**: Allow users to register with their email and password. Upon registration, issue them an API key scoped for basic access. Implement login functionality where users can log in using their credentials and receive a scoped API key for authenticated access.
3. **Scoped Access Levels**: Define at least three levels of access: 'basic', 'premium', and 'admin'. Basic users can only view book summaries, premium users can also download e-books, and admin users have full access including managing other users.
4. **API Key Management**: Integrate 'apikeys-platform' to handle the issuance and validation of these scoped API keys. Use it to ensure that each request made by a user is validated against their access level.
5. **Secure Endpoints**: Create endpoints for different actions such as viewing summaries, downloading e-books, and managing users. Secure these endpoints using the scoped API keys issued by 'apikeys-platform'.
6. **Testing**: Write tests to ensure that users cannot access resources they are not authorized for. Test the entire flow from registration, through login, to accessing various resources based on their access level.
7. **Documentation**: Provide documentation on how to use the system, including setting up 'apikeys-platform', registering new users, logging in, and making requests to the protected endpoints.

The goal is to demonstrate the flexibility and security provided by 'apikeys-platform' in managing access controls within a real-world application scenario.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!