arrakis

v0.12.0 suspicious
5.0
Medium Risk

Python client library for the Arrakis low-latency timeseries data distribution platform

πŸ€– AI Analysis

Final verdict: SUSPICIOUS

The package is flagged as suspicious due to its shell execution risk and lack of detailed metadata.

  • Shell execution present with potential risks
  • Sparse maintainer information and no associated GitHub repository
Per-check LLM notes
  • Network: No network calls were detected.
  • Shell: Shell execution is present and could be a potential risk if not properly sanitized or validated.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package has no associated GitHub repository and the maintainer's information is sparse, indicating potential unreliability.

πŸ“¦ Package Quality Overall: Medium (5.6/10)

✦ High Test Suite 9.0

Test suite present β€” 17 test file(s) found

  • Test runner config found: conftest.py
  • Test runner config found: pyproject.toml
  • 17 test file(s) detected (e.g. conftest.py)
✦ High Documentation 9.0

Well-documented package

  • Documentation URL: "Documentation" -> https://docs.ligo.org/ngdd/arrakis-python
  • 1 documentation file(s) (e.g. gen_ref_nav.py)
  • Detailed PyPI description (4592 chars)
β—‹ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
β—ˆ Medium Type Annotations 5.0

Partial type annotation coverage

  • 100 type-annotated function signatures detected in source
β—‹ Low Multiple Contributors 1.0

Unable to verify contributor count: no GitHub repository found

  • No GitHub repository linked β€” contributor count unavailable

πŸ”¬ Heuristic Checks

βœ“ Outbound Network Calls

No suspicious network call patterns found

βœ“ Code Obfuscation

No obfuscation patterns detected

⚠ Shell / Subprocess Execution score 8.0

Found 4 shell execution pattern(s)

  • (args.command) proc = subprocess.run( # noqa: S602 " ".join(args.command),
  • .debug(" ".join(cmd)) subprocess.run(cmd, check=True) # noqa S603 def exec( self,
  • " ".join(cmd)) return subprocess.run( # noqa S603 cmd, **kwargs,
  • in(args.command), shell=True, ) raise SystemExit(proc.returncode) lo
βœ“ Credential Harvesting

No credential harvesting patterns detected

βœ“ Typosquatting

No typosquatting candidates detected

βœ“ Registered Email Domain

Email domain looks legitimate: ligo.org>

βœ“ Suspicious Page Links

All external links appear legitimate

βœ“ Git Repository History

No GitHub repository linked

  • No GitHub repository link found
⚠ Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
βœ“ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

πŸ’‘ AI App Starter Prompt

Use this prompt to build a project with arrakis 
Create a real-time stock market monitoring tool using the Python package 'arrakis'. This application will allow users to subscribe to real-time stock price updates from multiple exchanges and visualize these prices in real-time. Here’s a step-by-step guide on how to build this application:

1. **Setup**: Install the necessary packages including 'arrakis' and other required libraries such as pandas for data manipulation and matplotlib or plotly for visualization.
2. **Connection**: Use the 'arrakis' package to connect to the low-latency timeseries data distribution platform. Ensure you configure your connection settings properly to authenticate and establish a stable connection.
3. **Subscription**: Implement functionality to subscribe to real-time stock price updates. Users should be able to specify which stocks they want to monitor and which exchanges these stocks belong to.
4. **Data Processing**: Utilize pandas to process incoming data streams efficiently. Clean and format the data to ensure it is ready for visualization.
5. **Visualization**: Develop a real-time dashboard where users can see the stock prices updating in real-time. Consider implementing features like historical price comparisons and alerts when prices exceed certain thresholds.
6. **Alerts**: Set up an alert system that triggers notifications based on user-defined conditions, such as significant price changes.
7. **User Interface**: Design a simple yet intuitive UI using web frameworks like Flask or Django. This UI should allow users to interact with the application easily.

Some suggested features include:
- Multi-exchange support for broader market coverage.
- Historical data comparison charts.
- User-specific alert configurations.
- A clean and responsive web interface.

The 'arrakis' package is utilized throughout the project for connecting to the data source, subscribing to real-time updates, and ensuring low-latency data transmission, making it ideal for real-time financial applications.

πŸ’¬ Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!