asana-api-cli

v3.1.3 safe
3.0
Low Risk

Command-line wrapper around the official Asana Python SDK

πŸ€– AI Analysis

Final verdict: SAFE

The package shows minimal signs of potential risks, with no evidence of network, shell, obfuscation, or credential misuse. The metadata risk is slightly elevated due to the author's limited presence on PyPI.

  • Low network risk
  • No obfuscation or credential harvesting detected
  • Slightly elevated metadata risk due to single package authorship
Per-check LLM notes
  • Network: Connecting to localhost suggests internal package functionality and not external data exfiltration.
  • Shell: Executing an external command with a skipif marker likely serves a testing purpose but requires further scrutiny.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious activity.
  • Credentials: No credential harvesting patterns detected, suggesting safe handling of secrets and credentials.
  • Metadata: The author has only one package on PyPI, which may indicate a new or less active account, but no other suspicious flags were detected.

πŸ“¦ Package Quality Overall: Medium (5.6/10)

✦ High Test Suite 9.0

Test suite present β€” 12 test file(s) found

  • Test runner config found: pyproject.toml
  • 12 test file(s) detected (e.g. test_cli.py)
β—ˆ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (7008 chars)
β—‹ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
β—ˆ Medium Type Annotations 5.0

Partial type annotation coverage

  • 289 type-annotated function signatures detected in source
β—ˆ Medium Multiple Contributors 5.0

Limited contributor diversity

  • 1 unique contributor(s) across 100 commits in izumo-m/asana-api-cli
  • Single author but highly active (100 commits)

πŸ”¬ Heuristic Checks

⚠ Outbound Network Calls score 1.5

Found 1 network call pattern(s)

  • glevel = 1 conn = http.client.HTTPConnection("127.0.0.1", port, timeout=2) # Add a trailing h
βœ“ Code Obfuscation

No obfuscation patterns detected

⚠ Shell / Subprocess Execution score 2.0

Found 1 shell execution pattern(s)

  • he skipif marker result = subprocess.run( [ VERMIN_BIN, "--target=3.1
βœ“ Credential Harvesting

No credential harvesting patterns detected

βœ“ Typosquatting

No typosquatting candidates detected

βœ“ Registered Email Domain

No author email provided

βœ“ Suspicious Page Links

All external links appear legitimate

βœ“ Git Repository History

Repository izumo-m/asana-api-cli appears legitimate

⚠ Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Masanao Izumo" appears to have only 1 package on PyPI (new or inactive account)
βœ“ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

πŸ’‘ AI App Starter Prompt

Use this prompt to build a project with asana-api-cli 
Create a task management utility called 'TaskMaster' using the 'asana-api-cli' Python package. TaskMaster should allow users to manage their tasks on Asana more efficiently through the command line. Here’s a detailed breakdown of what the application should do:

1. **User Authentication**: Implement a secure method for users to authenticate with their Asana account credentials. This will involve fetching and storing OAuth tokens securely.
2. **Task Creation**: Allow users to create new tasks with customizable fields such as name, due date, assignee, and project. Users should be able to specify these details via command-line arguments.
3. **Task Listing**: Provide a feature to list all tasks from a specific workspace or project. Include options to filter tasks based on status (e.g., incomplete, completed).
4. **Task Updates**: Enable users to update existing tasks by changing their name, due date, status, or assignee. Ensure updates reflect changes made directly within the Asana interface.
5. **Task Deletion**: Implement functionality to delete tasks permanently or move them to the trash.
6. **Advanced Features**:
   - **Subtasks Management**: Allow creation, listing, updating, and deletion of subtasks under a parent task.
   - **Custom Field Support**: Support for setting and retrieving custom fields associated with tasks.
   - **Tagging System**: Integrate a tagging system where users can tag tasks for better organization and filtering.
7. **Command Line Interface**: Design a user-friendly CLI with clear help messages and argument descriptions.
8. **Error Handling**: Ensure robust error handling for various scenarios such as invalid inputs, API rate limits, and authentication failures.

To utilize the 'asana-api-cli' package effectively, follow these steps:
- Install the package using pip.
- Use its commands to interact with the Asana API, focusing on task-related operations.
- Leverage the package’s ability to handle complex requests and responses, streamlining your interaction with the Asana platform.

Your goal is to develop a versatile tool that enhances productivity and simplifies task management for Asana users.