AI Analysis
Final verdict: SAFE
The package assemblerpdf v1.0.4 is deemed safe based on the absence of obfuscation and credential harvesting patterns. There are no indications of a supply-chain attack.
- No obfuscation patterns detected
- No credential harvesting patterns detected
Per-check LLM notes
- Obfuscation: No obfuscation patterns detected, indicating low risk.
- Credentials: No credential harvesting patterns detected, indicating low risk.
Package Quality Overall: Low (2.0/10)
○ Low
Test Suite
1.0
No test suite detected
No test files or test-runner configuration detected
◈ Medium
Documentation
5.0
Some documentation present
Detailed PyPI description (1831 chars)
○ Low
Contributing Guide
2.0
No contributing guide or governance files found
No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
○ Low
Type Annotations
1.0
No type annotations detected
No type annotations, py.typed marker, or stub files detected
○ Low
Multiple Contributors
1.0
Unable to verify contributor count: no GitHub repository found
No GitHub repository linked — contributor count unavailable
Heuristic Checks
Outbound Network Calls
score 1.5
Found 1 network call pattern(s)
try: urllib.request.urlretrieve(url, dest_path) logger.info(f"✅
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
score 10.0
Found 6 shell execution pattern(s)
print, requests)...") subprocess.run([sys.executable, "-m", "pip", "install", "weasyprint", "requtry: subprocess.run(["winget", "install", "MSYS2.MSYS2", "--silent", "--accept-stry: subprocess.run([msys_bash, "-lc", "pacman -S --noconfirm --needed mingw-w64try: subprocess.run(["sudo", "apt-get", "update"], check=True) s, check=True) subprocess.run(["sudo", "apt-get", "install", "-y", "libpango-1.0-0", "libptry: subprocess.run(["sudo", "dnf", "install", "-y", "pango", "cairo", "gdk-pixb
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: unp.gov.co>
Suspicious Page Links
All external links appear legitimate
Git Repository History
No GitHub repository linked
No GitHub repository link found
Maintainer History
score 4.0
2 maintainer concern(s) found
Author name is missing or very shortAuthor "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with assemblerpdf
Create a Python-based mini-application that generates personalized certificates using the 'assemblerpdf' package. The application should allow users to input recipient details such as name, award category, and date of issuance. Additionally, it should support customization options like adding a logo and customizing the certificate design template. Here’s a detailed breakdown of the steps and features: 1. **User Interface**: Develop a simple command-line interface (CLI) where users can input necessary details for the certificate. 2. **Recipient Details Input**: Allow users to enter the recipient's name, award category, and date of issuance. 3. **Design Customization**: Provide options to upload a custom logo and select from predefined certificate templates. 4. **PDF Generation**: Utilize the 'assemblerpdf' package to generate a professional-looking PDF certificate based on the user inputs and selected design. 5. **Output**: Save the generated certificate as a PDF file in a specified directory. Utilize the 'assemblerpdf' package to handle the PDF generation process efficiently. This includes integrating WeasyPrint for rendering HTML/CSS templates into PDFs and leveraging its capabilities to create complex layouts suitable for certificates. Ensure the application is modular and maintainable, allowing for easy updates and additions of new templates or design elements.
💬 Discussion Feed
No discussion yet. Be the first to share your thoughts!
Report Abuse / Security Issue