asqli

v0.2.2 · Verdict: suspicious · Risk score: 4.0 (Medium Risk)

Async, parallel SQL injection scanner with DBMS-aware blind inference.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows some signs of potential misuse because of its metadata issues and unclear authorship, even though the direct network, shell, obfuscation, and credential checks all rate it low risk.

  • Suspicious non-HTTPS links in metadata
  • Missing author information

Per-check LLM notes
  • Network: The use of aiohttp.ClientSession suggests the package makes network requests, which is common but should be reviewed for destination and purpose.
  • Shell: No shell execution patterns were detected, indicating low risk.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious obfuscation.
  • Credentials: No credential harvesting patterns detected, indicating low risk of secret theft.
  • Metadata: Suspicious non-HTTPS links and a missing author name indicate potential risk.

📦 Package Quality Overall: Low (3.2/10)

○ Test Suite: Low (1.0)

No test suite detected

  • No test files or test-runner configuration detected

◈ Documentation: Medium (5.0)

Some documentation present

  • Detailed PyPI description (8230 chars)

○ Contributing Guide: Low (4.0)

No contributing guide or governance files found

  • Development Status classifier >= Beta

◈ Type Annotations: Medium (5.0)

Partial type annotation coverage

  • 91 type-annotated function signatures detected in source

○ Multiple Contributors: Low (1.0)

Could not retrieve contributor data from GitHub

  • GitHub API error: 404

🔬 Heuristic Checks

Outbound Network Calls (score 1.5)

Found 1 network call pattern(s)

  • elf._sessions = [ aiohttp.ClientSession(connector=c, timeout=self._timeout, trust_env=False)

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com

Suspicious Page Links (score 10.0)

Found 6 suspicious link(s) on the package page

  • Non-HTTPS external link: http://target/vuln.php?id=1
  • Non-HTTPS external link: http://target/list?id=1
  • Non-HTTPS external link: http://target/login
  • Non-HTTPS external link: http://proxy1.example.com:3128
  • Non-HTTPS external link: http://user:[email protected]:3128
  • Non-HTTPS external link: http://target?id=1

Git Repository History (score 3.0)

Repository not found (deleted or private)

Maintainer History (score 4.0)

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with asqli
Develop a comprehensive security tool named 'SQLGuard' using the Python package 'asqli'. This tool aims to help developers and security professionals identify potential SQL injection vulnerabilities in their web applications. The project should include the following core functionalities:

1. **Configuration Management**: Allow users to configure the scanning process by specifying target URLs, database management systems (DBMS), and other relevant settings.
2. **Scan Execution**: Utilize 'asqli' to asynchronously scan the specified targets for SQL injection vulnerabilities. Ensure the tool leverages the package's ability to perform parallel scans.
3. **Blind Inference**: Implement a feature that uses asqli's DBMS-aware blind inference capabilities to detect and report the type of database used by the target application.
4. **Vulnerability Reporting**: Generate detailed reports that summarize findings from the scan, including the level of severity, affected endpoints, and recommended remediation steps.
5. **User Interface**: Develop a simple command-line interface (CLI) for interacting with the tool, allowing users to easily initiate scans, view results, and manage configurations.
6. **Logging and Auditing**: Include logging mechanisms to track the execution of scans and any errors encountered. Also, provide an audit trail for compliance and review purposes.
7. **Customization Options**: Offer customization options for advanced users who wish to tailor the scanning behavior according to specific needs.

The application should be designed to be user-friendly, efficient, and reliable, providing valuable insights into the security posture of web applications with respect to SQL injection attacks.
