ardupilot-methodic-configurator

v4.0.1 suspicious
7.0
High Risk

A clear configuration sequence for ArduPilot vehicles

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits several concerning practices, including the use of eval with encoded strings, potential environment variable misuse, and risky shell executions, indicating a high risk of being exploited for malicious purposes.

  • High obfuscation risk due to eval usage
  • High shell risk due to external command execution
Per-check LLM notes
  • Network: The network call pattern is relatively benign, used for fetching data from a URL.
  • Shell: The shell execution patterns are concerning as they involve running external commands which could potentially execute arbitrary code.
  • Obfuscation: The use of eval with suspicious encoded strings indicates potential for executing arbitrary code, which is highly suspicious and likely malicious.
  • Credentials: Environment variable access and usage of tokens suggest the possibility of unauthorized data harvesting, especially without clear justification.
  • Metadata: The package shows some red flags such as non-secure links and an author with limited information, but no clear evidence of malicious intent or typosquatting.

📦 Package Quality Overall: Medium (7.4/10)

✦ High Test Suite 9.0

Test suite present: 29 test file(s) found

  • 29 test file(s) detected (e.g. data_model_motor_test.py)
◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "documentation" -> https://github.com/ArduPilot/MethodicConfigurator/blob/maste
  • Detailed PyPI description (32077 chars)
○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
◈ Medium Type Annotations 7.0

Partial type annotation coverage

  • Classifier: Typing :: Typed
  • Type checker (mypy / pyright / pytype) referenced in project
  • 654 type-annotated function signatures detected in source
✦ High Multiple Contributors 10.0

Active multi-contributor project

  • 9 unique contributor(s) across 100 commits in ArduPilot/MethodicConfigurator
  • Active community: 5 or more distinct contributors

🔬 Heuristic Checks

⚠ Outbound Network Calls score 1.5

Found 1 network call pattern(s)

  • rnet to the PC response = requests.get(url, timeout=5) if response.status_code == 200:
⚠ Code Obfuscation score 6.0

Found 3 obfuscation pattern(s)

  • [int, float, str]", evaluator.eval(expression)) except ( InvalidExpression,
  • "PARAM1": {"New Value": "__import__('os').system('echo pwned')", "Change Reason": "Malicious"},
  • : {"New Value": "__builtins__.__import__('os').system('id')", "Change Reason": "Malicious"}, }
⚠ Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • current process.""" with subprocess.Popen( # noqa: S602 [batch_file_path], shell=True
  • """ try: result = subprocess.run( # noqa: S603 ["hdiutil", "attach", dmg_path, "
  • d extended attributes subprocess.check_call(["ditto", app_path, dest]) # noqa: S603, S607 if p
  • ocessError, OSError): subprocess.run( # noqa: S603 ["hdiutil", "detach", mount_point
  • ] try: ret = subprocess.check_call(cmd) # noqa: S603 except subprocess.CalledProcessError
  • path\to\file" subprocess.run(["explorer", "/select,", file_path_str], check=False) # noq
⚠ Credential Harvesting score 5.0

Found 2 credential access pattern(s)

  • sts/hour. """ token = os.environ.get("GITHUB_TOKEN") if token: return {"Authorization": f"Bearer {
  • e": {"source_local": "../../../etc/passwd", "dest_on_fc": "/fs/microsd/file"}} } wit
✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: iav.de

⚠ Suspicious Page Links score 6.0

Found 3 suspicious link(s) on the package page

  • Non-HTTPS external link: http://isitmaintained.com/badge/resolution/ArduPilot/MethodicConfigurator.svg
  • Non-HTTPS external link: http://isitmaintained.com/project/ArduPilot/MethodicConfigurator
  • Non-HTTPS external link: http://isitmaintained.com/badge/open/ArduPilot/MethodicConfigurator.svg
✓ Git Repository History

Repository ArduPilot/MethodicConfigurator appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with ardupilot-methodic-configurator
Your task is to develop a user-friendly graphical interface application using Python that leverages the 'ardupilot-methodic-configurator' package to streamline the configuration process for various ArduPilot-based drones. This application will significantly ease the setup procedure for hobbyists and professionals alike, making it accessible to users who may not have extensive technical expertise. Here's a detailed breakdown of what your application should accomplish:

1. **User Interface**: Design a clean, intuitive GUI using a toolkit like Tkinter or PyQt. The UI should allow users to select their drone model from a dropdown menu, input specific parameters such as GPS coordinates, flight altitude, and mission types (e.g., surveying, photography).
2. **Configuration Wizard**: Implement a step-by-step wizard within the application that guides users through the configuration process based on the selected drone model and mission type. Use the 'ardupilot-methodic-configurator' package to define these sequences and validate inputs.
3. **Parameter Validation**: Ensure that all entered parameters are valid according to the specifications provided by the 'ardupilot-methodic-configurator'. For instance, if a user selects a mission type that requires a specific GPS coordinate range, the application should enforce this rule.
4. **Configuration Export**: Once all necessary configurations are validated, the application should export these settings into a format compatible with ArduPilot vehicles (such as a .param file). Users should be able to save and load these configurations for future use.
5. **Error Handling and Feedback**: Provide clear feedback to users when errors occur during the configuration process. This could include invalid parameter entries, missing required information, or unsupported drone models.
6. **Advanced Features** (Optional): Consider adding advanced features such as real-time simulation of the drone's flight path based on the configured parameters, or integration with online maps to visualize GPS coordinates.

In utilizing the 'ardupilot-methodic-configurator' package, focus on its ability to provide a structured approach to configuring ArduPilot vehicles. Your application should leverage this package to ensure that all configurations adhere to best practices and are compatible with the chosen drone model and mission type.
