asyncresil

v0.1.0 suspicious
5.0
Medium Risk

Async resilience utilities — circuit breaker, rate limiter, cache, http client

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package has legitimate functionality but raises concerns due to its minimal activity and single maintainer status, which could indicate potential risks.

  • Metadata risk due to new package and single maintainer
  • Potential legitimacy concerns due to historical naming discrepancy
Per-check LLM notes
  • Network: The use of httpx.AsyncClient indicates the package makes network calls, which is common but should be reviewed for legitimacy and security practices.
  • Shell: No shell execution patterns were detected.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package is new with minimal activity and a single maintainer, raising some suspicion but not conclusive evidence of malice.

📦 Package Quality Overall: Low (4.8/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • Test runner config found: pyproject.toml
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (2055 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 26 type-annotated function signatures detected in source
◈ Medium Multiple Contributors 6.0

Limited contributor diversity

  • 2 unique contributor(s) across 22 commits in kevinreber/aura-utils
  • Two distinct contributors found

🔬 Heuristic Checks

Outbound Network Calls score 1.5

Found 1 network call pattern(s)

  • lient: self._client = httpx.AsyncClient(timeout=self._timeout) return self async def __
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
Maintainer History score 4.0

2 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author "Kevin Reber" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with asyncresil 
Build a simple Python application using the asyncresil package to demonstrate its core features.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!