arco

v0.7.0 suspicious
5.0
Medium Risk

Python bindings for Arco optimization library

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits a moderate risk due to potential shell execution risks and a possible typosquatting attempt targeting 'arrow'. Further investigation into the legitimacy of the package and its usage scenarios is recommended.

  • Potential shell command injection
  • Typosquatting suspicion

Per-check LLM notes

  • Network: No network calls detected.
  • Shell: Subprocess execution may indicate potential for shell command injection or execution, which could be risky if not properly sanitized.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious intent.
  • Credentials: No credential harvesting patterns detected, indicating low risk of malicious activity.
  • Metadata: The maintainer has only one package, which might indicate a new or less active account.
  • Typosquatting target: arrow

📦 Package Quality Overall: Medium (6.2/10)

✦ High Test Suite 9.0

Test suite present — 11 test file(s) found

  • 11 test file(s) detected (e.g. smoke_nlp.py)

◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (2877 chars)

○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found

◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 113 type-annotated function signatures detected in source

✦ High Multiple Contributors 10.0

Active multi-contributor project

  • 6 unique contributor(s) across 100 commits in NatLabRockies/arco
  • Active community — 5 or more distinct contributors

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 6.0

Found 3 shell execution pattern(s)

  • er to fail") """ result = subprocess.run( [sys.executable, "-c", script], check=False
  • en to fail") """ result = subprocess.run( [sys.executable, "-c", script], check=False
  • ] ) completed = subprocess.run( command, cwd=ROOT, env=env,

Credential Harvesting

No credential harvesting patterns detected

Typosquatting score 6.0

Possible typosquat of: arrow, arq

  • "arco" is 2 edit(s) from "arrow"
  • "arco" is 2 edit(s) from "arq"

Registered Email Domain

Email domain looks legitimate: users.noreply.github.com

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository NatLabRockies/arco appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Arco maintainers" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with arco
Create a Python-based mini-application named 'OptiCraft' that leverages the Arco optimization library through its Python bindings ('arco') to help users optimize their crafting recipes in a virtual world simulation game. This application will allow players to input their current resources and desired output items, and then it will use advanced optimization algorithms provided by the 'arco' package to suggest the most efficient way to craft the desired items.

Step 1: Define the Input Interface
- Users should be able to enter a list of available resources they have in their inventory, including the quantity of each resource.
- They should also specify the target item(s) they wish to craft, along with the desired quantities.

Step 2: Crafting Recipe Database Integration
- OptiCraft must include a database of crafting recipes, which maps required inputs to possible outputs.
- Each recipe should detail the exact quantities of resources needed to produce specific items.

Step 3: Optimization with 'arco'
- Utilize the 'arco' package to formulate and solve the optimization problem based on user inputs and the crafting recipe database.
- The optimization process should aim to minimize resource wastage while maximizing the production of the desired items.

Step 4: Output Results
- Display the optimized crafting plan to the user, detailing how many times each recipe should be executed to achieve the desired outcome efficiently.
- Include an option to visualize the results, such as a chart showing resource usage over time or a breakdown of total savings achieved.

Suggested Features:
- Interactive GUI using PyQt or Tkinter for better user experience.
- Option to save and load crafting plans.
- Ability to add custom recipes to the database.
- Real-time updates of resource availability as the user crafts items.

How 'arco' is utilized:
- 'arco' is used to set up the mathematical model representing the crafting scenario, including constraints (resource limits) and objectives (minimizing waste).
- It solves the optimization problem, providing the best strategy for crafting the desired items given the available resources.
