apminsight

v1.8.1 suspicious
5.0
Medium Risk

Site24x7 application performance monitoring

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows moderate risks due to execution of shell commands and obfuscation techniques, which could indicate malicious intent. However, there is no concrete evidence of credential harvesting or other severe threats.

  • High shell risk
  • Significant obfuscation risk
Per-check LLM notes
  • Network: Network calls to AWS URLs may be legitimate if the package is designed for cloud integration or monitoring.
  • Shell: Execution of shell commands can pose a risk if not properly sanitized or controlled, especially if it involves user inputs.
  • Obfuscation: The presence of base64 decoding without corresponding encoding or encryption suggests potential obfuscation rather than standard cryptographic practices.
  • Credentials: No clear patterns indicative of credential harvesting were detected.
  • Metadata: The maintainer has only one package and lacks PyPI classifiers, suggesting low effort or an inactive account.

📦 Package Quality Overall: Low (3.2/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (5989 chars)
○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Separate author ("Zoho Corporation Pvt. Ltd.") and maintainer ("ManageEngine Site24x7") listed
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 18 type-annotated function signatures detected in source
○ Low Multiple Contributors 1.0

Unable to verify contributor count: no GitHub repository found

  • No GitHub repository linked — contributor count unavailable

🔬 Heuristic Checks

Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • try: request = urllib.request.Request(AWS_URL) with urllib.request.urlopen(req
  • est(AWS_URL) with urllib.request.urlopen(request, timeout=5) as response: if
  • try: token_req = urllib.request.Request(AWS_TOKEN_URL, method="PUT") token_req.a
  • onds", "30") with urllib.request.urlopen(token_req) as response: token = resp
  • , token) with urllib.request.urlopen(request) as response: if respons
  • TA_URL) request = urllib.request.Request(url) with urllib.request.urlopen(request
Code Obfuscation score 8.0

Found 4 obfuscation pattern(s)

  • (text, bytes): return base64.b64decode(text) return "" def base64_encrypt(key, iv, text):
  • t: str, iv: str): return [base64.b64decode(key.encode("utf-8")), ciphertext, base64.b64decode(iv.encode
  • encode("utf-8")), ciphertext, base64.b64decode(iv.encode("utf-8"))] def openssl_encrypt(key: bytes, text:
  • tes): bytes_ciphertext = base64.b64decode(ciphertext.encode("utf-8")) try: from cryptogra
Shell / Subprocess Execution score 4.0

Found 2 shell execution pattern(s)

  • ] result = subprocess.run(command, input=text, text=True, capture_output=True, timeou
  • ", ] result = subprocess.run( command, input=ciphertext.encode("utf-8") + b"\
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: zohocorp.com

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 4.0

2 maintainer concern(s) found

  • Author "Zoho Corporation Pvt. Ltd." appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with apminsight 
Build a simple Python application using the apminsight package to demonstrate its core features.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!