askbot

v0.13.0 suspicious
5.0
Medium Risk

Question and Answer forum, like StackOverflow, written in python and Django

πŸ€– AI Analysis

Final verdict: SUSPICIOUS

The package has low risks for obfuscation and credential harvesting but has a moderate metadata risk due to suspicious non-HTTPS links and incomplete maintainer information, which raises concerns about its trustworthiness.

  • Moderate metadata risk
  • Incomplete maintainer information
  • Suspicious non-HTTPS links
Per-check LLM notes
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: Suspicious non-HTTPS links and incomplete maintainer information suggest potential risks.

πŸ“¦ Package Quality Overall: Low (4.6/10)

β—‹ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected
β—ˆ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (3212 chars)
β—‹ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
β—ˆ Medium Type Annotations 5.0

Partial type annotation coverage

  • Type checker (mypy / pyright / pytype) referenced in project
✦ High Multiple Contributors 8.0

Active multi-contributor project

  • 3 unique contributor(s) across 100 commits in ASKBOT/askbot-devel
  • Small but multi-author team (3–4 contributors)

πŸ”¬ Heuristic Checks

βœ“ Outbound Network Calls

No suspicious network call patterns found

βœ“ Code Obfuscation

No obfuscation patterns detected

⚠ Shell / Subprocess Execution score 8.0

Found 4 shell execution pattern(s)

  • SAGES/django.po' % locale subprocess.call(command.split()) print(command) command = 'msgfmt -c
  • locale print(command) subprocess.call(command.split()) # -*- coding: utf-8 -*- # Miville # Copyri
  • .path.dirname(dest_file)) subprocess.call(( 'msgcat', os.path.join(DIR1, file_path),
  • args}' print(command) subprocess.call( command.split(), cwd=PROJECT_ROOT ) d
βœ“ Credential Harvesting

No credential harvesting patterns detected

βœ“ Typosquatting

No typosquatting candidates detected

βœ“ Registered Email Domain

Email domain looks legitimate: gmail.com>

⚠ Suspicious Page Links score 4.0

Found 2 suspicious link(s) on the package page

  • Non-HTTPS external link: http://askbot.com.
  • Non-HTTPS external link: http://askbot.org
βœ“ Git Repository History

Repository ASKBOT/askbot-devel appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
βœ“ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

πŸ’‘ AI App Starter Prompt

Use this prompt to build a project with askbot 
Create a fully-functional online Q&A platform using the 'askbot' package, which is a Python-based forum system similar to StackOverflow. Your goal is to build a community-driven knowledge base where users can post questions, receive answers from other users, and engage in discussions. Here’s a step-by-step guide on how to approach this project:

1. **Project Setup**: Begin by setting up your development environment. Ensure you have Python and Django installed. Then, install the 'askbot' package via pip.
2. **Configuration**: Configure 'askbot' according to your needs. This includes setting up user authentication, configuring email settings for notifications, and customizing the look and feel of the forum.
3. **Feature Implementation**:
   - **Question Posting**: Allow registered users to post questions with tags and descriptions.
   - **Answering Questions**: Enable users to answer questions and provide explanations or links to resources.
   - **Upvotes/Downvotes**: Implement a system where users can upvote or downvote questions and answers based on their quality and relevance.
   - **Commenting System**: Add a commenting feature under both questions and answers to facilitate further discussion.
   - **User Profiles**: Create profiles for users that display their reputation points, badges earned, and contributions.
4. **Community Features**:
   - **Badges and Reputation**: Design a badge system and reputation points that users earn based on their activity and contributions.
   - **Moderation Tools**: Provide tools for moderators to manage content, including the ability to edit, delete, or lock posts.
5. **Integration**: Integrate your Q&A platform into existing websites or standalone as a separate portal.
6. **Testing**: Thoroughly test all features to ensure they work as expected. Pay special attention to user interactions and data integrity.
7. **Deployment**: Deploy your application to a server or cloud service, ensuring it is accessible to the public.

Throughout the project, utilize 'askbot' to handle the core functionalities of the Q&A platform, while focusing on customizing and extending its capabilities to meet specific requirements. Document each step of the process and any challenges faced during development.

πŸ’¬ Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!