Package Metadata

Author: —
Email: Andrea Aresu <[email protected]>
PyPI: asr-attack
Python: >=3.10
Versions: 1 release
First release: 18 May 2026, 16:21 UTC
Analysed: 07 Jun 2026, 14:38 UTC
Source files: 14 .py files scanned

Project Links

Classifiers

Development Status :: 3 - AlphaIntended Audience :: Science/ResearchLicense :: OSI Approved :: MIT LicenseOperating System :: OS IndependentProgramming Language :: Python :: 3Programming Language :: Python :: 3.10Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.13Topic :: Multimedia :: Sound/Audio :: Speech

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits moderate risks due to incomplete obfuscation and questionable metadata, including a lack of maintainer history and minimal repository activity. While there are no direct indicators of malicious intent or actions, the overall profile raises concerns about potential supply-chain vulnerabilities.

Incomplete obfuscation
Lack of maintainer history
Minimal repository activity

Per-check LLM notes

Network: No network calls detected, which is normal unless the package requires external services.
Shell: No shell execution patterns detected, indicating no immediate signs of malicious activity.
Obfuscation: The obfuscation appears to be incomplete and possibly accidental, not indicative of malicious intent.
Credentials: No patterns indicating credential harvesting were detected.
Metadata: The package shows several red flags including a lack of maintainer history, minimal repository activity, and an incomplete author profile.

📦 Package Quality Overall: Low (4.8/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

Test runner config found: pyproject.toml

◈ Medium Documentation 5.0

Some documentation present

Detailed PyPI description (9338 chars)

○ Low Contributing Guide 2.0

No contributing guide or governance files found

No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found

◈ Medium Type Annotations 5.0

Partial type annotation coverage

35 type-annotated function signatures detected in source

◈ Medium Multiple Contributors 6.0

Limited contributor diversity

2 unique contributor(s) across 16 commits in andreaaresu/asr-attack
Two distinct contributors found

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

⚠ Code Obfuscation score 2.0

Found 1 obfuscation pattern(s)

model = model.to(self.device).eval() self._processor = AutoProcessor.from_pretrained(se

✓ Shell / Subprocess Execution

No shell execution patterns detected

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: gmail.com>

✓ Suspicious Page Links

All external links appear legitimate

⚠ Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

Repository has zero stars and zero forks

⚠ Maintainer History score 6.0

3 maintainer concern(s) found

Only one version has ever been released — brand new package
Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with asr-attack

Create a Python-based application that demonstrates the vulnerabilities of Automatic Speech Recognition (ASR) models against adversarial attacks using the 'asr-attack' package. Your application should include the following functionalities:

1. **Model Selection**: Allow users to select from a variety of Hugging Face ASR models available through the 'transformers' library.
2. **Audio Input**: Provide a feature for users to upload their own audio files or generate synthetic speech for testing purposes.
3. **Attack Generation**: Implement different types of adversarial attack methods provided by 'asr-attack', such as Perturbation-based attacks or Noise Injection, to alter the input audio slightly without significantly changing its perceptual quality.
4. **Accuracy Testing**: Compare the ASR model's performance on the original audio vs. the attacked audio, showing the drop in accuracy due to the adversarial manipulation.
5. **Visualization**: Offer visual representations of the attacks' effects on both the audio waveforms and the ASR model's confidence scores.
6. **Report Generation**: Automatically create a report summarizing the experiment results, including the type of attack used, the level of perturbation introduced, and the impact on recognition accuracy.

Your task is to design a user-friendly interface (command-line or graphical) that guides users through these steps, making it easy for them to understand the implications of adversarial attacks on ASR systems. Additionally, ensure your application includes comprehensive documentation and clear instructions for setup and usage.

💬 Discussion Feed

No discussion yet. Be the first to share your thoughts!

🤖 AI Analysis

📦 Package Quality Overall: Low (4.8/10)

🔬 Heuristic Checks

💡 AI App Starter Prompt

💬 Discussion Feed

Leave a comment

Report Abuse / Security Issue