atorch-ble

v0.1.1 suspicious
4.0
Medium Risk

Standalone parser for the Atorch BLE protocol (J7-C / UC96 and related USB/AC/DC meters).

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows minimal risks in terms of network usage, shell execution, and obfuscation. However, the metadata risk score is elevated due to the repository's active but concerning commit history and the maintainer's lack of engagement, raising suspicion.

  • Elevated metadata risk due to recent and rapid commit history
  • Maintainer's lack of detailed activity
Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package requires internet access for its functionality.
  • Shell: No shell execution patterns detected, indicating the package does not execute external commands.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The repository's recent and rapid commit history, coupled with the maintainer's lack of activity and detail, raises concerns about potential malicious intent.

📦 Package Quality Overall: Medium (5.8/10)

✦ High Test Suite 9.0

Test suite present — 7 test file(s) found

  • Test runner config found: conftest.py
  • Test runner config found: pyproject.toml
  • 7 test file(s) detected (e.g. __init__.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (3013 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 7.0

Partial type annotation coverage

  • Type checker (mypy / pyright / pytype) referenced in project
  • 13 type-annotated function signatures detected in source
◈ Medium Multiple Contributors 6.0

Limited contributor diversity

  • 2 unique contributor(s) across 13 commits in dallanwagz/atorch-ble
  • Two distinct contributors found

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History score 5.0

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
  • All 13 commits happened within 24 hours
Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with atorch-ble 
Create a Python-based monitoring tool named 'AtorchMonitor' that leverages the 'atorch-ble' package to interact with various Atorch BLE devices such as J7-C and UC96 meters. This tool should be designed to provide real-time data visualization of electrical parameters like voltage, current, power factor, and energy consumption from these devices. The project should include the following functionalities:

1. **Device Discovery**: Implement a feature to discover and connect to nearby Atorch BLE devices automatically.
2. **Data Collection**: Continuously collect data from the connected device at regular intervals (e.g., every second).
3. **Data Visualization**: Display the collected data in a user-friendly manner using libraries such as Matplotlib or Plotly. The visualization should include graphs and charts that update in real-time.
4. **Alert System**: Integrate an alert system that triggers notifications if any parameter exceeds predefined thresholds.
5. **Configuration Interface**: Provide a simple configuration interface where users can set up their preferences, including which parameters to monitor and threshold values for alerts.
6. **Logging**: Log all data points into a CSV file for historical analysis and offline viewing.

To achieve these objectives, you will need to utilize the 'atorch-ble' package to parse BLE messages from the devices and extract meaningful data. Additionally, ensure your code is well-documented and includes comments explaining key sections. Finally, create a README.md file that outlines how to install dependencies, run the application, and configure it according to individual needs.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!