astro-metadata-translator

v30.2026.2200 suspicious
4.0
Medium Risk

A translator for astronomical metadata.

πŸ€– AI Analysis

Final verdict: SUSPICIOUS

The package shows low risks in network, shell execution, and credential harvesting, but incomplete metadata and possibly inactive author accounts raise concerns about potential supply-chain risks.

  • Incomplete author information
  • Possibly inactive project account
Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package requires external services.
  • Shell: No shell execution patterns detected, indicating no immediate signs of malicious activity.
  • Obfuscation: The observed pattern is likely for data serialization and deserialization rather than obfuscation.
  • Credentials: No evidence of credential harvesting detected.
  • Metadata: The author's information is incomplete and the account seems new or inactive, raising some concerns but not definitive evidence of malicious intent.

πŸ“¦ Package Quality Overall: Medium (5.8/10)

✦ High Test Suite 9.0

Test suite present β€” 17 test file(s) found

  • Test runner config found: pyproject.toml
  • 17 test file(s) detected (e.g. test_basics.py)
β—ˆ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (873 chars)
β—‹ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
β—ˆ Medium Type Annotations 5.0

Partial type annotation coverage

  • 197 type-annotated function signatures detected in source
✦ High Multiple Contributors 8.0

Active multi-contributor project

  • 3 unique contributor(s) across 100 commits in lsst/astro_metadata_translator
  • Small but multi-author team (3–4 contributors)

πŸ”¬ Heuristic Checks

βœ“ Outbound Network Calls

No suspicious network call patterns found

⚠ Code Obfuscation score 4.0

Found 2 obfuscation pattern(s)

  • properties newinfo = pickle.loads(pickle.dumps(obsinfo)) self.assertEqual(obsinfo, new
  • ensions.""" obsinfo = pickle.loads(pickle.dumps(self.obsinfo)) self.assert_observation_
βœ“ Shell / Subprocess Execution

No shell execution patterns detected

βœ“ Credential Harvesting

No credential harvesting patterns detected

βœ“ Typosquatting

No typosquatting candidates detected

βœ“ Registered Email Domain

Email domain looks legitimate: lists.lsst.org>

βœ“ Suspicious Page Links

All external links appear legitimate

βœ“ Git Repository History

Repository lsst/astro_metadata_translator appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
βœ“ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

πŸ’‘ AI App Starter Prompt

Use this prompt to build a project with astro-metadata-translator 
Create a Python-based astronomical metadata translator tool that leverages the 'astro-metadata-translator' package. This tool will serve as a bridge between different astronomical data formats, allowing researchers and enthusiasts to easily convert metadata from one format to another. Here’s a step-by-step guide on how to build this tool:

1. **Setup Environment**: Begin by setting up a Python virtual environment and installing necessary packages including 'astro-metadata-translator'. Also, ensure you have other dependencies like Flask for web integration.

2. **Define Supported Formats**: List out the supported input and output metadata formats your tool will handle. For example, FITS headers, VOTable, and JSON.

3. **Metadata Translation Logic**: Utilize the 'astro-metadata-translator' package to implement the translation logic. This involves parsing the input metadata according to its format, translating it using the package's capabilities, and then formatting it into the desired output format.

4. **User Interface**: Develop a simple user interface where users can upload their metadata file, select the input and output formats, and initiate the translation process. Consider building a RESTful API using Flask to allow programmatic access to the translation service.

5. **Testing and Validation**: Implement tests to ensure accurate translations across all supported formats. Use sample metadata files provided by the 'astro-metadata-translator' documentation for testing.

6. **Documentation and Deployment**: Write comprehensive documentation detailing how to use the tool, including setup instructions and API endpoints. Deploy the application on a cloud platform such as Heroku or AWS so that others can use it.

**Suggested Features**:
- Support for multiple input/output formats.
- Error handling for unsupported formats or corrupted files.
- User-friendly web interface for non-technical users.
- API documentation and examples for developers.
- Integration with popular astronomical data repositories for direct file conversion.

πŸ’¬ Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!