archibald

v1.0.0 suspicious
4.0
Medium Risk

A lightweight library for interacting with ESRI ArcGIS REST APIs.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows low risks in terms of network, shell execution, obfuscation, and credential handling. However, the metadata risk score is high due to the newly created repository and the maintainer's limited package history, suggesting potential malicious intent.

  • High metadata risk due to new repository and maintainer
  • No significant technical risks identified
Per-check LLM notes
  • Network: Network calls are made to establish an HTTP client, which could be legitimate if the package is designed to interact with external services.
  • Shell: No shell execution patterns were detected, indicating low risk.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The repository is newly created and the maintainer has a new or inactive account with limited package history, raising concerns about potential malicious intent.

📦 Package Quality Overall: Medium (6.4/10)

✦ High Test Suite 9.0

Test suite present — 24 test file(s) found

  • Test runner config found: conftest.py
  • Test runner config found: conftest.py
  • Test runner config found: pyproject.toml
  • 24 test file(s) detected (e.g. conftest.py)
◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://cityofboulder.github.io/archibald/
  • Detailed PyPI description (5331 chars)
○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
◈ Medium Type Annotations 7.0

Partial type annotation coverage

  • Classifier: Typing :: Typed
  • 78 type-annotated function signatures detected in source
◈ Medium Multiple Contributors 5.0

Limited contributor diversity

  • 1 unique contributor(s) across 90 commits in cityofboulder/archibald
  • Single author but highly active (90 commits)

🔬 Heuristic Checks

Outbound Network Calls score 3.0

Found 2 network call pattern(s)

  • e: self._client = httpx.AsyncClient(auth=self._auth) return self._client def _build
  • e: self._client = httpx.AsyncClient() return self._client async def _get_lock(self)
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: bouldercolorado.gov>

Suspicious Page Links

All external links appear legitimate

Git Repository History score 2.5

Git history flags: Repository created very recently: 5 day(s) ago (2026-06-02T00:41:10Z)

  • Repository created very recently: 5 day(s) ago (2026-06-02T00:41:10Z)
Maintainer History score 6.0

3 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with archibald 
Create a Python-based geospatial data analysis tool named 'ArcGIS Explorer' using the 'archibald' package. This application should allow users to interact with ESRI ArcGIS REST APIs to fetch, analyze, and visualize geospatial data. The goal is to provide a user-friendly interface for querying, filtering, and displaying geographic information.

Step-by-Step Instructions:
1. Set up your development environment with Python and install the 'archibald' package.
2. Design a simple command-line interface (CLI) for user interaction. Users should be able to specify their ArcGIS server URL and authentication details.
3. Implement functionality to query layers from the ArcGIS server. Users should be able to select specific layers based on predefined categories such as 'Transportation', 'Land Use', etc.
4. Integrate filtering options allowing users to refine the dataset based on attribute values. For example, users might want to filter roads based on type (highway, local) or land use based on category (residential, commercial).
5. Develop a feature to display fetched data in a tabular format. Include options to sort and search within the displayed data.
6. Utilize the 'archibald' package's visualization capabilities to render the selected layers on a map. Allow customization of map views, such as setting the zoom level and center point.
7. Add an export option to save the visualized map as an image file (PNG, JPEG) or as a KML file for Google Earth.
8. Implement error handling to manage common issues like invalid URLs, failed authentication, or unsupported queries.
9. Document the code thoroughly, explaining each module and function, and include a README file detailing installation, setup, and usage instructions.
10. Test the application with various ArcGIS servers to ensure compatibility and reliability.

Suggested Features:
- Support for multiple ArcGIS server versions.
- Integration with popular Python plotting libraries (e.g., Matplotlib, Folium) for advanced data visualization.
- Export options to other formats like GeoJSON or Shapefile.
- Interactive CLI commands for dynamic user input.
- Logging mechanisms to track application activities and errors.

How 'archibald' is Utilized:
- 'archibald' will be used to establish connections with ArcGIS servers, authenticate requests, and perform queries against specified layers. It simplifies the process of interacting with ArcGIS REST APIs, making it easier to focus on implementing higher-level functionalities such as data filtering, visualization, and exporting.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!