apkpatcher

v0.1.39 suspicious
4.0
Medium Risk

Tool to use as a library or from the CLI to patch an APK, inject libraries into the APK, or add a custom certificate

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package has moderate risks due to potential unauthorized actions via shell commands and unverified external dependencies, despite showing no signs of obfuscation or credential harvesting.

  • High shell risk due to execution of potentially unsafe commands
  • Moderate network risk from fetching unverified dependencies

Per-check LLM notes

  • Network: The network call to GitHub appears to be fetching a dependency, which is common but should be verified against known good sources.
  • Shell: Executing shell commands like generating keys and signing files can be legitimate, but it raises concerns about potential unauthorized actions or modifications to the system.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious activity.
  • Credentials: No credential harvesting patterns detected, suggesting no immediate threat to stored secrets.
  • Metadata: The package shows some red flags such as lack of maintainer information and a single package on PyPI, but no clear evidence of typosquatting or other malicious intent.

📦 Package Quality Overall: Low (3.6/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected

◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://apkpatcher.ci-yow.com
  • Detailed PyPI description (1979 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta

◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 60 type-annotated function signatures detected in source

○ Low Multiple Contributors 1.0

Unable to verify contributor count: no GitHub repository found

  • No GitHub repository linked — contributor count unavailable

🔬 Heuristic Checks

Outbound Network Calls score 3.0

Found 2 network call pattern(s)

  • version = "3.0.9" r = requests.get( f"https://github.com/baksmali/smali/releases/downlo
  • l) response = requests.get(url, timeout=30) response.raise_for_status()

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 8.0

Found 4 shell execution pattern(s)

  • ties result = subprocess.run( ["java", "-XshowSettings:properties", "
  • a random key...") subprocess.call( f"keytool -genkey -keyalg RSA -keysize 2048
  • ()]) result = subprocess.run(args, capture_output=True, text=True) self.l
  • > /dev/null", shell=True, ) self.logger.info("Signing the patch

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: ci-yow.com

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.
