AI Analysis
Final verdict: SAFE
The package is deemed safe based on low risks across all categories except metadata, which indicates potential new or inactive maintainer activity. However, there are no clear malicious indicators.
- Low network, shell, obfuscation, and credential risks
- Metadata risk due to potential new or inactive maintainer activity
Per-check LLM notes
- Network: The presence of network calls is expected if the package relies on external services or APIs.
- Shell: No shell execution patterns detected.
- Obfuscation: No obfuscation patterns detected, indicating low risk.
- Credentials: No credential harvesting patterns detected, indicating low risk.
- Metadata: The package shows signs of potential new or inactive maintainer activity, but no clear malicious indicators.
Package Quality Overall: Medium (5.8/10)
β Low
Test Suite
1.0
No test suite detected
No test files or test-runner configuration detected
β¦ High
Documentation
9.0
Well-documented package
Documentation URL: "Documentation" -> https://docs.unpatterned.org2 documentation file(s) (e.g. __init__.py)Detailed PyPI description (6513 chars)
β Medium
Contributing Guide
7.0
Some contribution signals present
Governance file: governance.py
β Medium
Type Annotations
7.0
Partial type annotation coverage
Classifier: Typing :: Typed206 type-annotated function signatures detected in source
β Medium
Multiple Contributors
5.0
Limited contributor diversity
1 unique contributor(s) across 29 commits in unpatterned-labs/archeSingle author but highly active (29 commits)
Heuristic Checks
Outbound Network Calls
score 1.5
Found 1 network call pattern(s)
memory. with ( httpx.Client( timeout=timeout_seconds, follow_r
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
No shell execution patterns detected
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: unpatterned.org>
Suspicious Page Links
All external links appear legitimate
Git Repository History
score 2.5
Git history flags: Repository has zero stars and zero forks
Repository has zero stars and zero forks
Maintainer History
score 4.0
2 maintainer concern(s) found
Author name is missing or very shortAuthor "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with arche-core
Create a privacy compliance checker application using the 'arche-core' Python package. This application will help organizations ensure they are compliant with various data protection laws in Africa, such as Nigeriaβs NDPA, South Africaβs POPIA, Kenyaβs Data Protection Act, and Ghanaβs Data Protection Act. The app should be able to detect and flag potential Personally Identifiable Information (PII) in text data, including government IDs, names, phone numbers, and addresses from specified countries. Additionally, the application should cite the relevant legal basis for each detected piece of PII, helping users understand which regulations apply to specific types of data. Steps to create this application: 1. Set up a Python environment with all necessary dependencies installed, including 'arche-core'. 2. Design a user-friendly interface where users can input text data for analysis. 3. Implement functionality to detect PII elements within the provided text, leveraging 'arche-core'. 4. For each detected PII element, display the type of information found and the applicable law(s) from the mentioned jurisdictions. 5. Allow users to export the results in a structured format (CSV or JSON). 6. Add a feature to generate a summary report highlighting compliance risks and suggesting actions to mitigate them. 7. Ensure the application is well-documented, with clear instructions on installation and usage.
π¬ Discussion Feed
No discussion yet. Be the first to share your thoughts!
Report Abuse / Security Issue