appflowy-mcp

v0.6.0 safe
4.0
Medium Risk

AppFlowy MCP server for workspace, space, page, database, and row operations

🤖 AI Analysis

Final verdict: SAFE

The package has minimal risks associated with it, primarily concerning credential handling and metadata quality. There is no evidence of malicious activity or supply-chain attack.

  • Low risk scores across all categories except metadata.
  • No shell execution or obfuscation patterns detected.
Per-check LLM notes
  • Network: The network call pattern indicates the package is likely making HTTP requests with retry logic, which is common for legitimate functionality like API calls.
  • Shell: No shell execution patterns detected, suggesting no immediate risk from command execution.
  • Obfuscation: No obfuscation patterns detected in the provided code snippet.
  • Credentials: The code appears to be prompting for a password input which is a common practice for authentication but should ensure proper handling and storage of credentials.
  • Metadata: The package shows signs of low maintainer activity and poor metadata quality, but there are no clear indicators of malicious intent.

📦 Package Quality Overall: Low (4.8/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • 2 test file(s) detected (e.g. test_export.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (12827 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 126 type-annotated function signatures detected in source
◈ Medium Multiple Contributors 6.0

Limited contributor diversity

  • 2 unique contributor(s) across 34 commits in weironz/appflowy_mcp
  • Two distinct contributors found

🔬 Heuristic Checks

Outbound Network Calls score 1.5

Found 1 network call pattern(s)

  • ) self._http_client = httpx.Client(timeout=60.0) self._max_retries = 3 self._ba
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting score 2.5

Found 1 credential access pattern(s)

  • password = args.password or getpass.getpass("Password: ") if args.base_url: client.base_url
Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
Maintainer History score 6.0

3 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with appflowy-mcp 
Create a fully-functional mini-application using the 'appflowy-mcp' Python package. This application will serve as a basic content management system (CMS) for managing workspaces, spaces, pages, databases, and rows within those databases. Here's a detailed breakdown of the requirements and steps to build this application:

1. **Setup Environment**: Ensure you have Python installed on your machine. Install the necessary dependencies including 'appflowy-mcp'.
2. **Define Core Features**:
   - Users should be able to create new workspaces.
   - Within each workspace, users can create multiple spaces.
   - Each space can contain one or more pages.
   - Databases can be added to any page, allowing for structured data storage.
   - Rows within databases can be added, edited, deleted, and queried.
3. **User Interface**:
   - Develop a simple command-line interface (CLI) or a basic web interface using Flask/Django for user interaction.
4. **Database Operations**:
   - Implement functionality to add, edit, delete, and query rows in the database.
5. **Security Considerations**:
   - Ensure that only authorized users can perform certain actions like deleting a workspace or modifying a database.
6. **Testing**:
   - Write unit tests to ensure all functions work as expected.
7. **Documentation**:
   - Provide clear documentation on how to install and use the application.

How 'appflowy-mcp' is Utilized:
- Use 'appflowy-mcp' to handle the backend logic for creating, updating, and managing workspaces, spaces, pages, databases, and rows. This includes leveraging its API to perform CRUD (Create, Read, Update, Delete) operations efficiently.
- For the CLI version, commands such as 'create_workspace', 'add_space', 'edit_page', etc., should be implemented to interact with 'appflowy-mcp'.
- In the case of a web interface, APIs exposed by 'appflowy-mcp' should be consumed via HTTP requests to manage the content.

This project aims to showcase the capabilities of 'appflowy-mcp' in managing complex hierarchical data structures and to provide a practical example of integrating it into a real-world application.