archai-mcp

v0.3.3 suspicious
4.0
Medium Risk

Structural analysis engine for AI coding agents

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package has some potential risks due to its low repository engagement and sparse author profile, which may suggest a lack of community oversight or support.

  • Low repository engagement
  • Sparse author profile
Per-check LLM notes
  • Network: No network calls detected, indicating low risk.
  • Shell: Detected shell execution appears to be related to git operations, which is common for version control but could indicate potential local system interaction risks.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious obfuscation.
  • Credentials: No credential harvesting patterns detected, indicating low risk of malicious credential theft.
  • Metadata: The repository's low engagement and the author's sparse profile suggest potential risk.

📦 Package Quality Overall: Medium (5.6/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • Test runner config found: pyproject.toml
◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://github.com/CristianChachaLeon/arch-ai#readme
  • Detailed PyPI description (4414 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 7.0

Partial type annotation coverage

  • Classifier: Typing :: Typed
  • 67 type-annotated function signatures detected in source
◈ Medium Multiple Contributors 6.0

Limited contributor diversity

  • 2 unique contributor(s) across 100 commits in CristianChachaLeon/arch-ai
  • Two distinct contributors found

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 2.0

Found 1 shell execution pattern(s)

  • """ try: result = subprocess.run( ["git", "rev-parse", "--show-toplevel"],
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with archai-mcp 
Create a Python-based application called 'CodeStructAnalyzer' that leverages the 'archai-mcp' package to analyze the structural integrity of code written by AI coding assistants. This tool will be invaluable for developers looking to ensure the robustness and maintainability of their codebases when using AI-generated code snippets. Here's a detailed breakdown of the project scope and features:

1. **Application Overview**: CodeStructAnalyzer will take input from users in the form of a Python code snippet or file path to a Python script. It will then analyze the structure of the provided code using the 'archai-mcp' package, which specializes in structural analysis for AI-generated code.

2. **Core Features**:
   - **Code Input**: Users can either paste code directly into the application or provide a file path to a Python script.
   - **Structural Analysis**: Utilize 'archai-mcp' to perform a deep dive into the code's architecture, identifying potential issues related to modularity, cohesion, coupling, and other structural metrics.
   - **Visualization**: Generate visual representations of the code's structure, such as dependency graphs or module interaction diagrams.
   - **Report Generation**: Create detailed reports summarizing the findings of the analysis, highlighting areas that could benefit from refactoring or restructuring.

3. **Implementation Steps**:
   - Install the necessary packages including 'archai-mcp'.
   - Design a user-friendly interface for code input and visualization output.
   - Integrate 'archai-mcp' functionalities to analyze the structural aspects of the provided code.
   - Develop algorithms to interpret the analysis results and generate meaningful visualizations.
   - Implement report generation capabilities that summarize the structural health of the code.

4. **Utilization of 'archai-mcp' Package**: The 'archai-mcp' package will be the backbone of the structural analysis feature. It will be used to parse the provided code, identify key structural elements, and assess the overall architectural soundness. This includes analyzing module dependencies, class relationships, function calls, and more. The insights gained from these analyses will be crucial for generating both the visualizations and the detailed reports.

5. **Expected Outcome**: By the end of this project, you'll have developed a powerful tool that not only aids in the maintenance of AI-generated code but also educates users on best practices for structuring Python code. This tool will serve as a valuable asset for developers working with AI-assisted coding tools.