arcanus

v0.0.22 suspicious
4.0
Medium Risk

Sticker to bind pydantic schemas with various datasources

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows minimal risks in terms of network activity, shell execution, obfuscation, and credential handling. However, the incomplete author metadata and possibly inactive account raise concerns about the package's origin and maintenance.

  • Incomplete author details
  • Possibly inactive account
Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package requires internet access for its functionality.
  • Shell: No shell execution patterns detected, indicating no direct command execution from the package.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious intent.
  • Credentials: No credential harvesting patterns detected, indicating safe handling of secrets.
  • Metadata: The author's details are incomplete and the account seems new or inactive, raising some suspicion but not conclusive evidence of malice.

📦 Package Quality Overall: Medium (6.2/10)

✦ High Test Suite 9.0

Test suite present — 40 test file(s) found

  • Test runner config found: conftest.py
  • Test runner config found: conftest.py
  • Test runner config found: conftest.py
  • 40 test file(s) detected (e.g. test_noop_materia.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (30113 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 7.0

Partial type annotation coverage

  • Type checker (mypy / pyright / pytype) referenced in project
  • 873 type-annotated function signatures detected in source
✦ High Multiple Contributors 8.0

Active multi-contributor project

  • 3 unique contributor(s) across 100 commits in kalynnka/arcanus
  • Small but multi-author team (3–4 contributors)

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: hotmail.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository kalynnka/arcanus appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with arcanus 
Create a small application called 'StickerSync' which will synchronize data between a user's local file system and a cloud storage service like Google Drive. This application will use the 'arcanus' Python package to bind Pydantic schemas with both the local file system and the cloud storage API, ensuring that any changes made in one location are reflected in the other.

Step-by-Step Guide:
1. Define a Pydantic schema to represent files and directories in your local file system and in Google Drive.
2. Use the 'arcanus' package to create a binding between these schemas and their respective datasources (local file system and Google Drive).
3. Implement a synchronization function that compares the state of files and directories in both locations using the bound schemas.
4. If discrepancies are found, update the cloud storage or the local file system accordingly.
5. Add a scheduling feature to periodically run the synchronization process without manual intervention.
6. Include error handling and logging to track any issues during synchronization.
7. Provide a simple CLI interface for users to initiate manual synchronization and view logs.

Suggested Features:
- Real-time sync option for immediate updates.
- Conflict resolution strategy when the same file is modified in both locations.
- Ability to exclude certain files or directories from being synced.
- Support for multiple cloud storage services through plugins.
- User-friendly logging and notifications.

How 'arcanus' is Utilized:
- 'arcanus' will be used to define and manage the bindings between the Pydantic schemas and the local file system and cloud storage APIs. This ensures that any changes made to the schemas are automatically reflected in the datasources they are bound to, simplifying the process of keeping the two systems in sync.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!