Package Metadata

Author: —
Email: v0o0v <[email protected]>
PyPI: assetcache-mcp
Python: >=3.10
Versions: 6 releases
First release: 19 May 2026, 15:38 UTC
Analysed: 07 Jun 2026, 14:56 UTC
Source files: 63 .py files scanned

Project Links

Classifiers

Development Status :: 4 - BetaEnvironment :: ConsoleEnvironment :: Win32 (MS Windows)Intended Audience :: DevelopersLicense :: OSI Approved :: MIT LicenseOperating System :: Microsoft :: WindowsProgramming Language :: Python :: 3.10Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Topic :: Games/Entertainment

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits some unusual behaviors such as non-HTTPS links and potential obfuscation techniques, raising suspicion but not conclusive evidence of malicious intent.

Non-HTTPS links present
Potential use of obfuscation techniques

Per-check LLM notes

Network: The observed network calls are typical for a package that may interact with APIs for embeddings and chat completions, suggesting it is likely used for machine learning or natural language processing tasks.
Shell: No shell execution patterns were detected, indicating low risk of direct system command execution.
Obfuscation: The base64 decoding is likely used for handling image data, which is a common and legitimate practice.
Credentials: No patterns indicative of credential harvesting were found.
Metadata: The presence of non-HTTPS links and an author with a potentially new or inactive account raises concerns.

📦 Package Quality Overall: Medium (5.4/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

Test runner config found: pyproject.toml

◈ Medium Documentation 7.0

Some documentation present

Documentation URL: "Documentation" -> https://github.com/v0o0v/assetcache-mcp/blob/main/README.md
Detailed PyPI description (8914 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

Development Status classifier >= Beta

◈ Medium Type Annotations 5.0

Partial type annotation coverage

341 type-annotated function signatures detected in source

◈ Medium Multiple Contributors 5.0

Limited contributor diversity

1 unique contributor(s) across 100 commits in v0o0v/assetcache-mcp
Single author but highly active (100 commits)

🔬 Heuristic Checks

⚠ Outbound Network Calls score 7.5

Found 5 network call pattern(s)

try: r = httpx.get(f"{self._client.base_url}/api/tags", timeout=2.0)
try: r = httpx.post( f"{self.base_url}/v1/embeddings",
try: r = httpx.post( f"{self.base_url}/api/embeddings",
": "json_object"} r = httpx.post( f"{self.base_url}/v1/chat/completions",
format"] = "json" r = httpx.post( f"{self.base_url}/api/chat", json=b

⚠ Code Obfuscation score 6.0

Found 3 obfuscation pattern(s)

data=base64.b64decode(b64), mime_type="image/png",
data=base64.b64decode(data), mime_type=mime,
e_kw, ) model.eval() model.to(self._device) self._model = model

✓ Shell / Subprocess Execution

No shell execution patterns detected

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: gmail.com>

⚠ Suspicious Page Links score 10.0

Found 5 suspicious link(s) on the package page

Non-HTTPS external link: http://127.0.0.1:9874/library`
Non-HTTPS external link: http://127.0.0.1:9874/packs`
Non-HTTPS external link: http://127.0.0.1:9874/labels/admin`
Non-HTTPS external link: http://127.0.0.1:9874/analyzing`
Non-HTTPS external link: http://127.0.0.1:9874/settings`

⚠ Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

Repository has zero stars and zero forks

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with assetcache-mcp

Create a mini-application called 'AssetFinder' that leverages the 'assetcache-mcp' package to index and retrieve various types of digital assets such as 2D sprites, sheets, sounds, and Unity packages using natural language queries. The application should include a graphical user interface (GUI) built with PyQt5, allowing users to input search terms and view results. Additionally, implement a feature where the application can automatically update its local cache from a remote server whenever new assets are added. Ensure that the GUI includes a progress bar for the indexing process and a log window to display any errors or status updates. Utilize the 'assetcache-mcp' package to handle the backend logic for indexing and querying assets. Your task is to write the full code for this application, including setup instructions and sample queries to demonstrate functionality.

💬 Discussion Feed

No discussion yet. Be the first to share your thoughts!

🤖 AI Analysis

📦 Package Quality Overall: Medium (5.4/10)

🔬 Heuristic Checks

💡 AI App Starter Prompt

💬 Discussion Feed

Leave a comment

Report Abuse / Security Issue