apst-starter-kit

v0.1.0 suspicious
4.0
Medium Risk

Local-first Accelerated Prompt Stress Testing starter kit

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows minimal risk in terms of network activity, shell execution, and obfuscation. However, its metadata raises some concerns due to limited maintainer history and lack of a public git repository.

  • Metadata risk score is moderately high at 5/10 due to limited maintainer history and no public git repository.
  • Otherwise, the package does not exhibit any direct signs of malicious behavior.
Per-check LLM notes
  • Network: No network calls detected, which is normal if the package does not require external communication.
  • Shell: No shell execution patterns detected, indicating no immediate signs of executing system commands.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package is new with limited maintainer history and no public git repository, raising suspicion but not conclusive evidence of malice.

📦 Package Quality Overall: Low (4.8/10)

✦ High Test Suite 9.0

Test suite present — 8 test file(s) found

  • Test runner config found: pyproject.toml
  • 8 test file(s) detected (e.g. test_classifier.py)
◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://github.com/keitabroadwater/apst-starter-kit#readme
  • Detailed PyPI description (4817 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 123 type-annotated function signatures detected in source
○ Low Multiple Contributors 1.0

Could not retrieve contributor data from GitHub

  • GitHub API error: 404

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History score 3.0

Repository not found (deleted or private)

  • Repository not found (deleted or private)
Maintainer History score 4.0

2 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author "Keita Broadwater" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with apst-starter-kit 
Build a simple Python application using the apst-starter-kit package to demonstrate its core features.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!