ast-pluckit

v0.13.0 | Verdict: suspicious | Risk score: 4.0 (Medium Risk)

A fluent API for querying, viewing, and mutating source code — CSS selectors over ASTs, backed by DuckDB.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows no network calls, no obfuscation and no credential-harvesting patterns. Two subprocess.run calls invoke git; both pass argv as a list rather than a shell string, but one of them forwards caller-supplied arguments and an environment built from env_extra, so what feeds those values needs a look. Together with the missing author name and a PyPI account that publishes only this one package, that is enough to warrant a closer inspection rather than a clean verdict.

  • Incomplete author profile
  • Potential misuse of shell commands
Per-check LLM notes
  • Network: No network calls detected, which is normal and expected.
  • Shell: Two subprocess.run calls execute git with a list-form argv (the flagged fragments show no shell=True), so the commands are not shell-injectable as written. The second call splices in *args and merges env_extra into the environment; whether that is benign depends on where those values originate, which the fragments alone do not show.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious obfuscation.
  • Credentials: No credential harvesting patterns detected, indicating low risk of secret or credential theft.
  • Metadata: The package shows signs of being new or less active with an incomplete author profile, which raises some suspicion.

📦 Package Quality Overall: Medium (6.2/10)

✦ High Test Suite 9.0

Test suite present — 30 test file(s) found

  • Test runner config found: conftest.py
  • Test runner config found: pyproject.toml
  • 30 test file(s) detected (e.g. conftest.py)
◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://pluckit.readthedocs.io
  • Detailed PyPI description (12198 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 7.0

Partial type annotation coverage

  • Classifier: Typing :: Typed
  • 266 type-annotated function signatures detected in source
◈ Medium Multiple Contributors 6.0

Limited contributor diversity

  • 2 unique contributor(s) across 100 commits in teaguesterling/pluckit

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 4.0

Found 2 shell execution pattern(s)

  • try: proc = subprocess.run( [ "git", "log",
  • .update(env_extra) return subprocess.run( ["git", *args], cwd=str(cwd), captu
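The two fragments above are what a pattern match on `subprocess.run(` produces; a reviewer then has to open the file and answer the same few questions every time (is shell=True set, is argv a literal list, does it carry runtime values, what cwd/env are passed). The following script answers them from the AST instead. It is an added example written for this report, not code from ast-pluckit or from the scanner that generated the page; the sample source it parses is constructed to mirror the two flagged calls (their tails are truncated above, so the exact git arguments are assumed) plus a deliberately unsafe third call for contrast.

```python
"""Triage subprocess call sites by what a reviewer needs to know, not by pattern match.

Added example for this report; not part of ast-pluckit or of the scanner.
Uses only the standard-library `ast` module.
"""
import ast
from dataclasses import dataclass, field
from typing import List, Optional

SUBPROCESS_FUNCS = {"run", "call", "check_call", "check_output", "Popen"}


@dataclass
class SubprocessFinding:
    lineno: int
    func: str                  # e.g. "subprocess.run"
    shell: Optional[bool]      # True/False when literal, None when decided at runtime
    literal_argv: bool         # argv is a literal list/tuple or a string literal
    program: Optional[str]     # argv[0] when it is a string literal
    dynamic_args: bool         # argv contains non-literal or *starred elements
    kwargs: List[str] = field(default_factory=list)
    risk: str = "low"
    note: str = ""


def _subprocess_aliases(tree):
    """Names under which subprocess functions are reachable in this file."""
    modules, funcs = set(), {}
    for node in ast.walk(tree):
        if isinstance(node, ast.Import):
            for a in node.names:
                if a.name == "subprocess":
                    modules.add(a.asname or a.name)
        elif isinstance(node, ast.ImportFrom) and node.module == "subprocess":
            for a in node.names:
                if a.name in SUBPROCESS_FUNCS:
                    funcs[a.asname or a.name] = a.name
    return modules, funcs


def _called_name(call, modules, funcs):
    f = call.func
    if isinstance(f, ast.Attribute) and isinstance(f.value, ast.Name):
        if f.value.id in modules and f.attr in SUBPROCESS_FUNCS:
            return "subprocess." + f.attr
    elif isinstance(f, ast.Name) and f.id in funcs:
        return "subprocess." + funcs[f.id]
    return None


def _is_str_literal(node):
    return isinstance(node, ast.Constant) and isinstance(node.value, str)


def triage_source(source: str) -> List[SubprocessFinding]:
    tree = ast.parse(source)
    modules, funcs = _subprocess_aliases(tree)
    findings = []
    for node in ast.walk(tree):
        if not isinstance(node, ast.Call):
            continue
        name = _called_name(node, modules, funcs)
        if name is None:
            continue
        kwargs = [kw.arg or "**" for kw in node.keywords]
        shell_kw = next((kw for kw in node.keywords if kw.arg == "shell"), None)
        if shell_kw is None:
            shell = False
        elif isinstance(shell_kw.value, ast.Constant):
            shell = bool(shell_kw.value.value)
        else:
            shell = None                       # e.g. shell=flag, resolved at runtime
        argv = node.args[0] if node.args else None
        program, dynamic, literal_argv = None, True, False
        if isinstance(argv, (ast.List, ast.Tuple)):
            literal_argv = True
            elts = argv.elts
            program = elts[0].value if elts and _is_str_literal(elts[0]) else None
            dynamic = not all(_is_str_literal(e) for e in elts)  # Starred/Name/Call => dynamic
        elif _is_str_literal(argv):
            literal_argv, dynamic = True, False
            program = (argv.value.split() or [None])[0]
        if shell is True:
            risk, note = ("high", "shell=True with runtime data: the string goes through /bin/sh, so it is shell-injectable") \
                if dynamic else ("medium", "shell=True on a constant string: not injectable as written, but rewrite as an argv list")
        elif shell is None:
            risk, note = "medium", "shell flag is computed at runtime; confirm it can never be True"
        elif literal_argv and not dynamic:
            risk, note = "low", "static argv, no shell; remaining questions are PATH lookup of the program and the cwd/env passed"
        elif literal_argv:
            risk, note = "medium", "argv mixes literals with runtime values; trace their source and reject values starting with '-' (option injection)"
        else:
            risk, note = "medium", "argv is built at runtime; trace where it comes from"
        findings.append(SubprocessFinding(node.lineno, name, shell, literal_argv, program, dynamic, kwargs, risk, note))
    findings.sort(key=lambda f: f.lineno)      # ast.walk is breadth-first, not source order
    return findings


# Constructed sample mirroring the two flagged fragments (git arguments assumed) plus an unsafe call.
SAMPLE = '''
import os
import subprocess

def last_commit(cwd):
    try:
        proc = subprocess.run(["git", "log", "-1", "--format=%H"], cwd=str(cwd),
                              capture_output=True, text=True, check=True)
    except subprocess.CalledProcessError:
        return None
    return proc.stdout.strip()

def run_git(cwd, *args, env_extra=None):
    env = dict(os.environ)
    env.update(env_extra or {})
    return subprocess.run(["git", *args], cwd=str(cwd), capture_output=True, env=env)

def unsafe(user_input):
    return subprocess.run("ls " + user_input, shell=True)
'''

if __name__ == "__main__":
    for f in triage_source(SAMPLE):
        print(f"line {f.lineno}: {f.func} risk={f.risk} program={f.program} kwargs={f.kwargs}")
        print(f"    {f.note}")
```

Run against the sample, the first call comes out low (static argv, no shell), the second medium because `*args` and `env` are runtime values that have to be traced to their source, and the third high because a concatenated string reaches `/bin/sh`. That ordering is exactly the distinction the report's verdict hinges on: the list form rules out shell injection, but it does not rule out option injection into git if a caller can put a value starting with `-` into `args`.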
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com

Suspicious Page Links

All external links appear legitimate

Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with ast-pluckit
Create a Python-based code analysis tool named 'CodeInspector' that leverages the 'ast-pluckit' package to analyze Python source code files. This tool should allow users to query, view, and modify code using CSS-like selectors over Abstract Syntax Trees (ASTs). Here’s a step-by-step guide on how to build it:

1. **Setup Project**: Initialize a new Python project and install 'ast-pluckit'. Additionally, include other necessary packages such as 'duckdb' for database operations.
2. **Design User Interface**: Develop a simple command-line interface (CLI) for interacting with 'CodeInspector'. The CLI should support commands like 'query', 'view', and 'mutate' to interact with the source code.
3. **Query Functionality**: Implement the 'query' command which allows users to search for specific patterns or elements within the code using CSS-like selectors provided by 'ast-pluckit'. For example, users could query all function definitions or find all instances of a particular variable.
4. **View Functionality**: Add a 'view' command that displays the selected parts of the code as determined by the queries. This could also include additional details such as line numbers and context around the selected code snippets.
5. **Mutate Functionality**: Incorporate a 'mutate' command that modifies the code based on the selected elements. Make mutations reviewable (show a diff or support a dry run before anything is written back) and preserve the surrounding code structure and formatting where possible.
6. **Database Integration**: Utilize DuckDB to store and manage queries, views, and mutations efficiently. This will allow for faster execution and easier management of large codebases.
7. **Testing**: Write comprehensive tests to ensure that 'CodeInspector' works correctly under various scenarios, including edge cases and large code files.
8. **Documentation**: Provide clear documentation both for end users of 'CodeInspector' and for developers who wish to contribute to it.
9. **Deployment**: Package the tool into a distributable format such as a pip package and deploy it to PyPI or another repository for easy installation.

This project aims to showcase the power and flexibility of 'ast-pluckit' in real-world applications, making code analysis and manipulation more accessible and efficient.
