argus-audit

v0.1.0 suspicious
7.0
High Risk

Scope-gated white-hat security audit + pentest orchestrator. Stdlib-only, self-updating intel layer (NVD/KEV/EPSS), 5 scanner modules.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits significant risks related to shell invocation and obfuscation techniques, which could be indicative of malicious intent. However, it lacks strong evidence of direct malicious behavior.

  • High shell risk due to direct shell invocations
  • High obfuscation risk due to dangerous functions

Per-check LLM notes

  • Network: The package attempts to connect to hosts on specific ports, which could indicate legitimate functionality but may also suggest unauthorized network activity.
  • Shell: The use of functions that invoke the shell directly is risky and suggests potential for command injection, indicating high risk unless justified by package documentation.
  • Obfuscation: High risk due to the presence of dangerous functions like eval() and deserialization sinks which can lead to remote code execution.
  • Credentials: Low to medium risk as the detected pattern is likely part of a test case for exception handling rather than actual credential harvesting.
  • Metadata: The package is suspicious due to its recent creation, low activity, and incomplete maintainer information.

📦 Package Quality Overall: Medium (5.0/10)

✦ Test Suite: High (9.0)

Test suite present — 17 test file(s) found

  • 17 test file(s) detected (e.g. test_authz.py)

◈ Documentation: Medium (5.0)

Some documentation present

  • Detailed PyPI description (2732 chars)

○ Contributing Guide: Low (4.0)

No contributing guide or governance files found

  • Development Status classifier >= Beta

◈ Type Annotations: Medium (5.0)

Partial type annotation coverage

  • 103 type-annotated function signatures detected in source

○ Multiple Contributors: Low (2.0)

Single-author or unverifiable project

  • 1 unique contributor(s) across 7 commits in mturac/pluginpool-argus-audit
  • Single author with few commits — possibly a personal or throwaway project

🔬 Heuristic Checks

Outbound Network Calls (score 9.0)

Found 6 network call pattern(s)

  • nding]: try: with socket.create_connection((host, 6379), timeout=3.0) as sock: sock.sendall
  • RT_NONE try: with socket.create_connection((host, port), timeout=CONNECT_TIMEOUT_S) as sock:
  • efault_context() with socket.create_connection((host, port), timeout=CONNECT_TIMEOUT_S) as sock:
  • se refusal. """ req = urllib.request.Request(url, headers={"User-Agent": USER_AGENT, **(headers o
  • r {})}) try: with urllib.request.urlopen(req, timeout=timeout) as resp: if resp.s
  • ship fetch: {url}") req = urllib.request.Request(url, headers={"User-Agent": DEFAULT_USER_AGENT})

Code Obfuscation (score 10.0)

Found 5 obfuscation pattern(s)

  • static.python.eval", "Dynamic eval() — arbitrary code execution sink", Severity.HIGH, "CWE-95",
  • # unrelated ``my_obj.eval()`` / ``logger.system()``). rule = _DANGEROUS_CA
  • tatic.python.marshal_loads", "marshal.loads() — deserialization RCE sink", Severity.CRITICAL, "CWE-502",
  • static.python.pickle_loads", "pickle.loads() — deserialization RCE sink", Severity.CRITICAL, "CWE-502",
  • pickle_loads", title="pickle.loads()", severity=Severity.CRITICAL, surface="static", ta

Shell / Subprocess Execution (score 10.0)

Found 6 shell execution pattern(s)

  • us.static.python.os_system", "os.system() invokes a shell — command injection sink", Severity.HIGH,
  • gus.static.python.os_popen", "os.popen() invokes a shell — command injection sink", Severity.HIGH,
  • Severity.HIGH, "CWE-78", "Use subprocess.run([...], shell=False)"), "pickle.loads": ("argus.stat
  • ython.subprocess_getoutput", "subprocess.getoutput() invokes a shell — command injection sink", Severity.HIGH,
  • Severity.HIGH, "CWE-78", "Use subprocess.run([...], shell=False, capture_output=True)"), "subprocess.
  • Severity.HIGH, "CWE-78", "Use subprocess.run([...], shell=False, capture_output=True) and inspect .return

Credential Harvesting (score 2.5)

Found 1 credential access pattern(s)

  • 99-02-31", "yesterday", "../../etc/passwd"): with pytest.raises(IntelError): inte

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com

Suspicious Page Links

All external links appear legitimate

Git Repository History (score 5.0)

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
  • All 7 commits happened within 24 hours

Maintainer History (score 6.0)

3 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with argus-audit:

Create a comprehensive security audit tool using the 'argus-audit' Python package. This tool will serve as a white-hat security audit and pentest orchestrator for a given set of software components or systems. Your task is to develop a mini-application that can perform automated security assessments on a specified target system or software stack. The application should be able to identify vulnerabilities based on NVD, KEV, and EPSS data sources and utilize the five scanner modules provided by the 'argus-audit' package. Here are the steps and features your application should include:

1. **Setup**: Initialize the application with necessary configurations, such as specifying the target system or software stack to be audited.
2. **Scanning**: Use the 'argus-audit' package to scan the target system for known vulnerabilities. Ensure the application can select which of the five scanner modules to use based on the type of target being audited.
3. **Reporting**: After scanning, generate a detailed report summarizing the findings, including the severity of each identified vulnerability and recommended actions.
4. **Self-Update**: Implement functionality to ensure the application stays updated with the latest vulnerability intelligence from NVD, KEV, and EPSS databases.
5. **User Interface**: Develop a simple command-line interface (CLI) for interacting with the application, allowing users to specify targets, view reports, and manage updates.
6. **Customization**: Allow users to customize the scanning process, such as choosing specific scanners or setting thresholds for vulnerability severity.
7. **Security Measures**: Incorporate basic security measures within the application itself to protect against misuse, ensuring it operates only in a controlled and secure environment.

Your goal is to create a functional and user-friendly tool that leverages the power of 'argus-audit' to provide valuable insights into the security posture of various systems or software stacks.
