AI Analysis
The package exhibits significant risks due to its network activity, subprocess execution, and incomplete metadata, suggesting potential vulnerabilities or malicious intent.
- network risk due to unspecified external communications
- shell risk from subprocess execution without clear justification
- metadata risk due to missing repository and author details
Per-check LLM notes
- Network: The package makes network calls which could potentially be used for communication outside the application but lacks clear documentation.
- Shell: Subprocess execution is detected, which can be legitimate for tasks like version control operations but may also indicate potential for executing arbitrary commands.
- Metadata: The package is suspicious due to the missing repository and author details, indicating potential lack of transparency and accountability.
Package Quality Overall: Low (4.2/10)
Partial test coverage signals detected
Test runner config found: pyproject.toml
Some documentation present
Documentation URL: "Documentation" -> https://apothem.ahmedgad.com/usage/
Detailed PyPI description (17206 chars)
No contributing guide or governance files found
No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
Partial type annotation coverage
448 type-annotated function signatures detected in source
Could not retrieve contributor data from GitHub
GitHub API error: 404
Heuristic Checks
Found 2 network call pattern(s)
- n happens here. request = urllib.request.Request( # noqa: S310 (audit context) url, method="
- r/0.1") try: with urllib.request.urlopen( # noqa: S310 (audit context) # nosec B310
Found 2 obfuscation pattern(s)
- flagged. _RESTAGE_VERBS = re.compile( r"\bre-(?:execute|audit|sweep|author|generate|review|emit|run|" r"veri
- gs.output.write_text( __import__("json").dumps(payload, indent=2) + "\n", encoding="utf-8",
Found 5 shell execution pattern(s)
- e.monotonic() completed = subprocess.run( # noqa: S603 - trusted invocation: literal argv against th
- start = time.monotonic() subprocess.run( # noqa: S603 - trusted invocation: literal argv against th
- try: completed = subprocess.run( ["git", "log", "-1", "--pretty=%B"], # noqa: S
- try: completed = subprocess.run( # noqa: S603 - trusted invocation: sys.executable + litera
- try: completed = subprocess.run( # noqa: S603 - trusted invocation: literal argv against gi
No credential harvesting patterns detected
No typosquatting candidates detected
Email domain looks legitimate: ahmedgad.com
All external links appear legitimate
Repository not found (deleted or private)
3 maintainer concern(s) found
- Only one version has ever been released - brand new package
- Author name is missing or very short
- Author "" appears to have only 1 package on PyPI (new or inactive account)
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Create a mini-application named 'ApothemAIConfigurator' that leverages the 'apothem' Python package to manage configurations for various AI models across different hosting environments (cloud, local, edge devices). The application should allow users to define, store, and switch between multiple configurations for different AI models, ensuring seamless deployment and management without the need to manually adjust settings for each environment. Here's a detailed breakdown of the project scope:

1. **Configuration Management**: Implement a feature where users can create, edit, delete, and view configurations for AI models. Each configuration should include parameters specific to the model and the hosting environment.
2. **Environment Support**: Ensure the application supports at least three types of environments: cloud, local, and edge devices. Each environment may require different settings due to varying resource constraints and network conditions.
3. **Model Compatibility**: The app should be compatible with popular AI frameworks such as TensorFlow, PyTorch, and scikit-learn, allowing users to select which framework they are using when defining a new configuration.
4. **User Interface**: Develop a simple command-line interface (CLI) for interacting with the application. The CLI should provide commands for all core functionalities like adding a new configuration, listing existing configurations, switching active configurations, and more.
5. **Security**: Integrate basic security measures such as user authentication to protect configurations from unauthorized access. Users should be able to set up their own accounts and manage their configurations privately.
6. **Documentation**: Provide comprehensive documentation on how to install and use ApothemAIConfigurator, including examples of typical use cases and advanced features.
7. **Integration with Apothem**: Utilize the 'apothem' package to handle the core logic of managing configurations across different environments. This includes leveraging 'apothem' for parsing configuration files, handling environment-specific overrides, and ensuring consistency in how configurations are applied regardless of the hosting environment.

Your task is to design and implement the 'ApothemAIConfigurator' application following these guidelines, making sure it demonstrates the power and flexibility of the 'apothem' package in managing AI configurations efficiently.