assistableai

v0.2.0 suspicious
6.0
Medium Risk

Official Python SDK and MCP server for the Assistable AI v3 API (generated from OpenAPI).

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits moderate risks due to potential misuse of network calls and risky shell execution. The metadata also raises concerns about the maintainer's activity level.

  • High shell risk due to execution of external commands
  • Moderate network risk from httpx usage
  • Suspicious metadata indicating a possibly new or inactive maintainer
Per-check LLM notes
  • Network: The use of httpx for network calls is common and may be legitimate, but the specific endpoints and parameters need to be reviewed for potential misuse.
  • Shell: Executing external commands like 'uvx' can be risky as it allows interaction with the system shell, potentially leading to unauthorized actions.
  • Metadata: The repository is not found and the maintainer has a single package, which could indicate a new or less active account, raising some suspicion.

📦 Package Quality Overall: Low (2.8/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (2598 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 325 type-annotated function signatures detected in source
○ Low Multiple Contributors 1.0

Could not retrieve contributor data from GitHub

  • GitHub API error: 404

🔬 Heuristic Checks

Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • = subaccount_id client = httpx.AsyncClient(base_url=base_url, headers=headers) return FastMCP.from_
  • e: self._client = httpx.Client( base_url=self._base_url, co
  • context manager for internal httpx.Client (see httpx docs)""" self.get_httpx_client().__exit__(
  • self._async_client = httpx.AsyncClient( base_url=self._base_url, co
  • ontext manager for underlying httpx.AsyncClient (see httpx docs)""" await self.get_async_httpx_client
  • ) self._client = httpx.Client( base_url=self._base_url, co
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 2.0

Found 1 shell execution pattern(s)

  • assistableai._client. subprocess.run( [ "uvx", f"open
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History score 3.0

Repository not found (deleted or private)

  • Repository not found (deleted or private)
Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Assistable AI" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with assistableai 
Your task is to develop a conversational chatbot application using the 'assistableai' Python package, which serves as an official SDK and MCP server for the Assistable AI v3 API. This chatbot will interact with users through text-based conversations, utilizing natural language processing (NLP) capabilities provided by the Assistable AI service. Your application should include the following features:

1. User Authentication: Allow users to sign up or log in to the chatbot. Use simple username/password authentication.
2. Personalized Greeting: Upon login, the chatbot should greet the user by their username and ask how it can assist them today.
3. Contextual Conversations: Implement a feature where the chatbot remembers previous interactions within a session, allowing for more natural and continuous conversations.
4. Command Recognition: Enable the chatbot to recognize specific commands such as 'help', 'weather', 'news', etc., and respond appropriately based on the command.
5. Integration with External Services: For commands like 'weather' or 'news', integrate with external APIs to fetch real-time information and provide it to the user.
6. Feedback Mechanism: Allow users to rate the quality of responses and provide feedback to improve future interactions.
7. Session Persistence: Ensure that each user's conversation history is saved and can be retrieved in subsequent sessions.

To achieve these functionalities, you will utilize the 'assistableai' package to handle the backend communication with the Assistable AI service. Specifically, use its capabilities to process user inputs, generate appropriate responses, and manage the context of conversations. Additionally, implement error handling to gracefully deal with any issues that may arise during the communication with the Assistable AI service.

This project aims to showcase the power of integrating advanced AI services into everyday applications, enhancing user interaction and experience through intelligent, context-aware dialogue.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!