Package Metadata

Author: —
Email: Parcha <[email protected]>
PyPI: ati-client
Python: >=3.10
Versions: 25 releases
First release: 17 Mar 2026, 22:05 UTC
Analysed: 07 Jun 2026, 18:21 UTC
Source files: 8 .py files scanned

Project Links

Classifiers

Development Status :: 4 - BetaIntended Audience :: DevelopersLicense :: OSI Approved :: MIT LicenseProgramming Language :: Python :: 3Programming Language :: Python :: 3.10Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.13Topic :: Software Development :: Libraries :: Python Modules

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows signs of obfuscation and has a new or inactive maintainer account, which raises concerns about its legitimacy and potential risks.

obfuscation risk of 5/10
new or inactive maintainer account

Per-check LLM notes

Network: The observed network patterns indicate the package is making authenticated HTTP requests to an API endpoint, which is common for client packages but warrants further investigation into the legitimacy of the endpoints and data being exchanged.
Shell: No shell execution patterns were detected.
Obfuscation: The base64 decoding suggests some level of obfuscation, but it could also be a legitimate use of encoded data.
Credentials: No clear evidence of credential harvesting is present.
Metadata: The maintainer has a new or inactive account and lacks a proper author name, raising some suspicion but not definitive proof of malice.

📦 Package Quality Overall: Medium (6.2/10)

✦ High Test Suite 9.0

Test suite present — 3 test file(s) found

Test runner config found: pyproject.toml
3 test file(s) detected (e.g. test_orchestrator.py)

◈ Medium Documentation 5.0

Some documentation present

Detailed PyPI description (2536 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

Development Status classifier >= Beta

◈ Medium Type Annotations 5.0

Partial type annotation coverage

27 type-annotated function signatures detected in source

✦ High Multiple Contributors 8.0

Active multi-contributor project

3 unique contributor(s) across 100 commits in Parcha-ai/ati
Small but multi-author team (3–4 contributors)

🔬 Heuristic Checks

⚠ Outbound Network Calls score 7.5

Found 5 network call pattern(s)

}).encode() req = urllib.request.Request( url, data=body,
Bearer {token}") with urllib.request.urlopen(req, timeout=30) as resp: data = json.lo
/{name}/bundle" req = urllib.request.Request(url) if token: req.add_header("A
Bearer {token}") with urllib.request.urlopen(req, timeout=60) as resp: data = json.lo
ames}).encode() req = urllib.request.Request( url, data=body,

⚠ Code Obfuscation score 4.0

Found 2 obfuscation pattern(s)

: f.write(base64.b64decode(content["base64"])) else: # Text
f.write(base64.b64decode(content["base64"])) else:

✓ Shell / Subprocess Execution

No shell execution patterns detected

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: parcha.com>

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository Parcha-ai/ati appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with ati-client

Create a command-line tool named 'TokenMgmtCLI' using the Python package 'ati-client'. This tool should allow users to manage tokens and provision orchestrators through the Agent Tools Interface (ATI). The application should provide the following functionalities:

1. **Token Management**: Users should be able to create new tokens, list all available tokens, delete specific tokens, and retrieve information about a particular token.
2. **Orchestrator Provisioning**: Users should have the ability to provision new orchestrators, update existing ones, and terminate them when they are no longer needed.
3. **User Authentication**: Implement a simple login mechanism where users must authenticate before performing any actions related to token management or orchestrator provisioning.
4. **Logging**: Integrate logging capabilities to log user actions, errors, and important events during the execution of the CLI commands.
5. **Help and Documentation**: Provide comprehensive help documentation accessible via a '--help' flag for each command, detailing usage, options, and examples.

To achieve these goals, utilize the core functionalities provided by the 'ati-client' package such as token creation, deletion, listing, and orchestrator provisioning methods. Ensure that your code is well-structured, modular, and follows best practices for Python development. Additionally, include unit tests to validate the functionality of your CLI tool.

💬 Discussion Feed

No discussion yet. Be the first to share your thoughts!

🤖 AI Analysis

📦 Package Quality Overall: Medium (6.2/10)

🔬 Heuristic Checks

💡 AI App Starter Prompt

💬 Discussion Feed

Leave a comment

Report Abuse / Security Issue