async-kernel

v0.19.2 suspicious
6.0
Medium Risk

A concurrent python kernel for Jupyter supporting AnyIO, AsyncIO and Trio.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits significant obfuscation risks due to the use of 'eval' with untrusted inputs, which could lead to code injection. Additionally, there are indications of potential credential harvesting and a lack of transparency regarding the package's authorship.

  • High obfuscation risk due to use of 'eval'
  • Potential credential harvesting
  • Anonymous author

Per-check LLM notes

  • Network: The network calls observed are typical for packages related to Jupyter notebook integration, suggesting legitimate inter-process communication rather than malicious activity.
  • Shell: No shell execution patterns were detected, indicating no immediate risk associated with unauthorized command execution.
  • Obfuscation: The use of 'eval' with untrusted input is highly risky and suggests potential for code injection or obfuscation.
  • Credentials: The presence of 'getpass.getpass' indicates potential credential harvesting, but it could also be part of a legitimate interactive prompt.
  • Metadata: The package shows some red flags including an anonymous author and lack of community engagement, but there's no direct evidence of malice.

📦 Package Quality Overall: Medium (7.0/10)

✦ High Test Suite 9.0

Test suite present — 24 test file(s) found

  • Test runner config found: conftest.py
  • Test runner config found: pyproject.toml
  • 24 test file(s) detected (e.g. conftest.py)

◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://fleming79.github.io/async-kernel
  • Detailed PyPI description (6322 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta

◈ Medium Type Annotations 7.0

Partial type annotation coverage

  • Classifier: Typing :: Typed
  • Type checker (mypy / pyright / pytype) referenced in project
  • 471 type-annotated function signatures detected in source

✦ High Multiple Contributors 8.0

Active multi-contributor project

  • 3 unique contributor(s) across 100 commits in fleming79/async-kernel
  • Small but multi-author team (3–4 contributors)

🔬 Heuristic Checks

Outbound Network Calls score 3.0

Found 2 network call pattern(s)

  • ocketType.PUB socket.connect(self.iopub_url) self.iopub_sockets[self._cal
  • socket.linger = 0 socket.connect(self._iopub_url) # welcome_message: https://jupyter

Code Obfuscation score 10.0

Found 6 obfuscation pattern(s)

  • repr_data, repr_metadata = eval(reply["body"]["result"], {}, {}) body = {
  • y: items[k] = eval(val) except Exception: items[k]
  • setattr(obj, name, eval(value)) return value if _return_value else {name
  • on thread # self.root.eval(f'after idle after 0 {self._tk_func_name}') @override
  • async_: await eval(code_obj, self.user_global_ns, self.user_ns) els
  • }, ) threads = eval(reply["body"]["result"]) debug_threads = [thread for thr

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting score 2.5

Found 1 credential access pattern(s)

  • = f"import getpass;response = getpass.getpass('{theprompt}')" # allow_stdin=False if test_mode ==

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: proton.me

Suspicious Page Links

All external links appear legitimate

Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with async-kernel
Create a fully-functional mini-application that leverages the 'async-kernel' package to demonstrate concurrent execution capabilities within a Jupyter notebook environment. This application will serve as a real-time data processing tool, capable of fetching live stock market data from an API, performing complex calculations on this data asynchronously, and visualizing the results in real-time charts. The goal is to showcase the efficiency and flexibility of using 'async-kernel' with different concurrency models like AnyIO, AsyncIO, and Trio.

### Steps to Develop the Application:
1. **Setup Environment**: Ensure you have a Jupyter notebook environment set up with 'async-kernel' installed. If not already installed, install it using pip (`pip install async-kernel`). Additionally, install necessary libraries such as `requests` for HTTP requests and `matplotlib` for plotting.
2. **Fetch Data**: Use an API endpoint that provides live stock market data. Write an asynchronous function that fetches this data at regular intervals (e.g., every minute).
3. **Process Data**: Implement asynchronous functions to process the fetched data. These could include calculating moving averages, volatility measures, or any other financial metrics relevant to your use case.
4. **Visualization**: Create a function to plot the processed data in real-time within the Jupyter notebook. Use matplotlib or another library to update the chart dynamically as new data arrives.
5. **Concurrency Models**: Experiment with running the above tasks using different concurrency models supported by 'async-kernel'. Compare the performance and behavior of these models in handling the real-time data processing task.
6. **User Interface**: Enhance the application with a simple user interface where users can select which stocks they want to track, choose the type of data processing, and customize visualization parameters.

### Suggested Features:
- **Customizable Data Processing**: Allow users to define their own functions for data processing.
- **Multiple Stock Tracking**: Simultaneously track multiple stocks and display them side-by-side for comparison.
- **Alert System**: Implement a feature that sends alerts based on certain conditions (e.g., when a stock price reaches a specific threshold).
- **Performance Comparison**: Include a feature that allows users to compare the performance of different concurrency models in real-time.

By completing this project, you'll gain hands-on experience with asynchronous programming in Python, learn about various concurrency models, and understand how to leverage 'async-kernel' to enhance computational efficiency in Jupyter notebooks.
