astviewer

v1.1.3 safe
4.0
Medium Risk

GUI for viewing a Python Abstract Syntax Tree.

🤖 AI Analysis

Final verdict: SAFE

The package is deemed safe with minimal risks identified. The primary concern is the presence of a non-HTTPS link, which could potentially expose users to man-in-the-middle attacks.

  • No network calls detected.
  • Non-HTTPS link present in metadata.

Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package requires online resources to function.
  • Shell: No shell execution detected, indicating no immediate risk of command injection or system manipulation.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The maintainer has only one package, which may indicate a new or less active account, and there's a non-HTTPS link that could pose a security risk.

📦 Package Quality Overall: Low (3.8/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected

◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "documentation" -> https://github.com/titusjan/astviewer
  • Detailed PyPI description (1615 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta

○ Low Type Annotations 1.0

No type annotations detected

  • No type annotations, py.typed marker, or stub files detected

◈ Medium Multiple Contributors 6.0

Limited contributor diversity

  • 2 unique contributor(s) across 100 commits in titusjan/astviewer
  • Two distinct contributors found

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com

Suspicious Page Links score 2.0

Found 1 suspicious link(s) on the package page

  • Non-HTTPS external link: http://wiki.qt.io/Category:LanguageBindings::PySide::Downloads

Git Repository History

Repository titusjan/astviewer appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Pepijn Kenter" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with astviewer
Create a Python-based mini-application named 'CodeSight' that leverages the 'astviewer' package to provide developers with an interactive and user-friendly way to visualize and explore the Abstract Syntax Trees (ASTs) of their Python code snippets. CodeSight should allow users to paste or input Python code directly into the app, and then display the corresponding AST graphically. Additionally, the application should highlight specific nodes in the tree when hovered over, providing details about each node such as its type, value, and location within the original code snippet. Furthermore, implement a feature that allows users to modify parts of the AST visually and see the changes reflected in the underlying Python code in real-time. This project aims to deepen developers' understanding of Python's syntax structure and improve their coding skills through visual learning.
