arkclaw-webchat-cli

v0.1.0 suspicious
5.0
Medium Risk

CLI to chat with an ArkClaw EE space's Claw over enterprise SSO — zero permanent AK/SK.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits some concerning behaviors such as network calls to unusual endpoints and a lack of historical metadata, which raises suspicion but does not conclusively point to malicious intent.

  • Unusual network endpoints
  • Lack of historical metadata
Per-check LLM notes
  • Network: The observed network calls to unusual endpoints like .well-known/arkclaw-cli may indicate unexpected behavior and could be used for unauthorized communication.
  • Shell: No shell execution patterns were detected in the provided code snippets.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package is newly created with no history and lacks a git repository link, raising concerns about its legitimacy.

🔬 Heuristic Checks

Outbound Network Calls score 7.5

Found 5 network call pattern(s)

  • p("/") try: raw = urllib.request.urlopen(base + "/.well-known/arkclaw-cli", timeout=8).read()
  • sion={STS_VERSION}" req = urllib.request.Request( url, data=body, headers={"Content-Type": "a
  • ) try: raw = urllib.request.urlopen(req, timeout=15).read() except urllib.error.HTTP
  • SION}" try: raw = urllib.request.urlopen( urllib.request.Request(url, data=body,
  • .request.urlopen( urllib.request.Request(url, data=body, headers=headers), timeout=30
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 6.0

3 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Package uploaded less than 24 hours ago (2026-06-05T09:39:15.000Z)
  • Author "ArkClaw Team" appears to have only 1 package on PyPI (new or inactive account)

💡 AI App Starter Prompt

Use this prompt to build a project with arkclaw-webchat-cli 
Create a command-line interface (CLI) tool named 'ArkChat' that allows users to securely chat within their enterprise environment using the ArkClaw EE space's Claw service. This tool will leverage the 'arkclaw-webchat-cli' Python package to facilitate secure, single sign-on (SSO) based communication without needing to store any permanent access keys (AK/SK). Your task is to develop a fully functional mini-application that not only integrates 'arkclaw-webchat-cli' but also adds several user-friendly features.

**Core Functionality:**
1. **User Authentication:** Upon launching the application, users should be prompted to authenticate via their enterprise SSO credentials.
2. **Real-Time Messaging:** Once authenticated, users should be able to send and receive messages in real-time.
3. **Command Support:** Integrate support for basic commands such as '/help', '/users', '/logout', etc., to enhance user experience.
4. **Persistent Chat Sessions:** Allow users to resume previous chat sessions without needing to re-authenticate if they were logged out due to inactivity.
5. **Error Handling:** Implement robust error handling to manage common issues like network errors, authentication failures, and unexpected API responses.

**Suggested Features:**
- **Profile Management:** Users should be able to view and edit their profiles, including changing display names.
- **Group Chats:** Extend functionality to support group chats, allowing users to create and join multiple groups.
- **Message History:** Provide an option to view message history for both private and group chats.
- **Notification System:** Implement a notification system to alert users of new messages even when the application is minimized or not active.
- **Custom Themes:** Allow users to customize the appearance of the CLI interface.

Your project should demonstrate a deep understanding of the 'arkclaw-webchat-cli' package's capabilities and limitations, effectively utilizing it to provide a seamless and secure chat experience for enterprise users.