arxiv-daily

v0.1.6 safe
2.0
Low Risk

Tracking daily arXiv updates and generating intelligent summaries with LLMs.

🤖 AI Analysis

Final verdict: SAFE

The package shows minimal risks across all categories with no indications of malicious behavior or supply-chain attacks.

  • Low network, shell, obfuscation, and credential risks.
  • Moderate metadata risk noted but does not indicate any malicious intent.
Per-check LLM notes
  • Network: The network call patterns indicate legitimate HTTP requests to check the status of URLs, which is common for packages that interact with external services like arXiv.
  • Shell: No shell execution patterns detected, indicating no immediate risk of executing arbitrary commands.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: Low risk due to lack of suspicious elements, but potential low maintainer activity and metadata quality issues.

📦 Package Quality Overall: Low (4.6/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • Test runner config found: pyproject.toml
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (6785 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 26 type-annotated function signatures detected in source
◈ Medium Multiple Contributors 5.0

Limited contributor diversity

  • 1 unique contributor(s) across 53 commits in GZU-MuTian/arxiv-daily
  • Single author but highly active (53 commits)

🔬 Heuristic Checks

Outbound Network Calls score 3.0

Found 2 network call pattern(s)

  • " try: response = requests.head(html_url, timeout=10) if response.status_code == 200
  • try: response = requests.get(url, timeout=timeout) if response.status_code ==
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gzu.edu.cn>

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository GZU-MuTian/arxiv-daily appears legitimate

Maintainer History score 6.0

3 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with arxiv-daily 
Build a simple Python application using the arxiv-daily package to demonstrate its core features.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!