ariel-tcu

v0.25.0 suspicious
4.0
Medium Risk

Telescope Control Unit (TCU) for Ariel

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits some potential risks that require closer scrutiny, particularly concerning subprocess execution. The maintainer's novelty and the absence of PyPI classifiers add to the uncertainty.

  • Shell risk due to subprocess execution
  • New maintainer with no PyPI classifiers
Per-check LLM notes
  • Network: No network calls detected, which is typical for many packages.
  • Shell: Subprocess execution detected, could be legitimate if documented functionality, but requires further investigation to rule out potential misuse.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious activity.
  • Credentials: No credential harvesting patterns detected, indicating low risk of malicious activity.
  • Metadata: Low risk due to lack of suspicious activities, but caution needed as the maintainer seems new and there are no PyPI classifiers.

📦 Package Quality Overall: Medium (5.0/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected
◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://ivs-kuleuven.github.io/cgse/
  • Detailed PyPI description (992 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 131 type-annotated function signatures detected in source
✦ High Multiple Contributors 10.0

Active multi-contributor project

  • 5 unique contributor(s) across 100 commits in IvS-KULeuven/cgse
  • Active community — 5 or more distinct contributors

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 4.0

Found 2 shell execution pattern(s)

  • md.append("--simulator") subprocess.Popen(cmd, stdout=out, stderr=out, stdin=subprocess.DEVNULL, close
  • riel.tcu.tcu_cs", "stop"] subprocess.Popen(cmd, stdout=out, stderr=out, stdin=subprocess.DEVNULL, close
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: kuleuven.be>

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository IvS-KULeuven/cgse appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author "IVS KU Leuven" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with ariel-tcu 
Create a Python-based mini-application that simulates the control of a telescope using the 'ariel-tcu' package. This application will serve as a simplified version of the actual Telescope Control Unit (TCU) for the Ariel space mission, allowing users to perform basic operations such as pointing the telescope at specific celestial coordinates, adjusting focus, and capturing simulated images.

The application should include the following features:
1. A user-friendly command-line interface (CLI) that allows users to input commands and see real-time status updates.
2. Integration with the 'ariel-tcu' package to simulate the telescope's movement based on user inputs. Users should be able to specify target coordinates (Right Ascension and Declination) and have the telescope point towards these targets.
3. A feature to adjust the focus of the telescope manually or automatically based on predefined algorithms.
4. Simulated image capture functionality where the application generates a mock image based on the current position and focus settings of the telescope.
5. Logging capabilities to record all actions performed by the user and any changes made to the telescope's configuration.

Your task is to design and implement this mini-application from scratch. Start by setting up the development environment and installing the necessary packages, including 'ariel-tcu'. Then, develop the CLI and integrate it with the 'ariel-tcu' functionalities. Ensure that your application is well-documented and includes clear instructions for setup and usage. Additionally, write tests to validate the correctness of each feature implemented.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!