astronomer-orbis

v0.9.1 suspicious
6.0
Medium Risk

A tool for generating astronomer software deployment compute reports

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits significant risks due to shell execution and obfuscation techniques, despite having no clear signs of credential harvesting or direct network exfiltration. The sparse metadata adds to the suspicion.

  • Unusual network PUT request with file payload
  • Use of subprocess 'helm' which can execute arbitrary commands
  • Presence of base64 decoding and binary data suggesting obfuscation
Per-check LLM notes
  • Network: The network calls are likely for legitimate API interactions, but the PUT request with a file payload is unusual and could indicate data exfiltration.
  • Shell: Subprocess execution using 'helm' suggests interaction with Kubernetes Helm, which is common for Kubernetes-related packages, but it could also be used to execute arbitrary commands, posing a risk.
  • Obfuscation: The presence of base64 decoding and binary data suggests possible obfuscation techniques, which could be used for malicious purposes.
  • Credentials: No clear patterns indicative of credential harvesting were found.
  • Metadata: The repository is not found, and the author's information is sparse, indicating potential unreliability.

📦 Package Quality Overall: Low (4.6/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • Test runner config found: pyproject.toml
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (2259 chars)
○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
◈ Medium Type Annotations 7.0

Partial type annotation coverage

  • Type checker (mypy / pyright / pytype) referenced in project
  • 287 type-annotated function signatures detected in source
○ Low Multiple Contributors 1.0

Could not retrieve contributor data from GitHub

  • GitHub API error: 404

🔬 Heuristic Checks

Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • pplication/zip")} requests.put(url=url, files=payload, timeout=300) click.echo(
  • try: response = requests.post(self.base_url, json={"query": query}, headers=headers, verif
  • try: response = requests.get(url, verify=self.verify_ssl, timeout=15) if resp
  • " try: response = requests.get( f"{url}/api/v1/status/config", head
  • try: response = requests.get(url, headers=headers, params=params, verify=self.verify_ssl,
  • oken}" response = requests.get(url, headers=headers, verify=self.verify_ssl, timeout=10)
Code Obfuscation score 6.0

Found 3 obfuscation pattern(s)

  • try: binary = base64.b64decode(base64_data) with open(local_path, "wb") as fh:
  • xist_ok=True) timestamp = __import__("datetime").datetime.now().strftime("%Y%m%d-%H%M%S") filename = f"d
  • 00\x01" b"\x08\x06\x00\x00\x00\x1f\x15\xc4\x89\x00\x00\x00\rIDATx\x9cc\xfc\xff" b"\xff?\x03\x00\x0
Shell / Subprocess Execution score 2.0

Found 1 shell execution pattern(s)

  • ig try: result = subprocess.run( ["helm", *args], capture_output=Tru
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: astronomer.io

Suspicious Page Links

All external links appear legitimate

Git Repository History score 3.0

Repository not found (deleted or private)

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with astronomer-orbis
Create a fully-functional mini-application named 'Astronomer Dashboard' that leverages the capabilities of the Python package 'astronomer-orbis'. This application will serve as a user-friendly interface for generating detailed reports on software deployments within an astronomer environment. The dashboard should allow users to input specific deployment details and receive comprehensive analysis and visualizations of the compute resources utilized during these deployments.

The application should include the following core functionalities:
1. User Interface: Develop an intuitive graphical user interface using a framework like PyQt or Tkinter, which allows users to input necessary deployment parameters such as date range, deployment ID, and resource types.
2. Data Processing: Utilize 'astronomer-orbis' to process the input data and generate detailed reports on compute usage, including CPU time, memory consumption, and storage utilization.
3. Visualization: Implement visualization tools to display the processed data in an easily understandable format, such as graphs and charts. Libraries like Matplotlib or Plotly can be used for this purpose.
4. Report Generation: Enable the feature to export the generated report into various formats such as PDF or CSV for further analysis or record-keeping.
5. Error Handling: Ensure robust error handling mechanisms are in place to manage invalid inputs and unexpected issues gracefully.

Detailed Steps:
1. Set up a virtual environment and install necessary packages, including 'astronomer-orbis', Matplotlib, and any chosen GUI framework.
2. Design and implement the user interface to collect deployment information from the user.
3. Integrate 'astronomer-orbis' into your application to fetch and process deployment data based on user inputs.
4. Use the processed data to create informative visualizations and embed them into the application.
5. Add functionality to save the generated report in preferred formats.
6. Test the application thoroughly, focusing on both the correctness of the data processing and the usability of the interface.
