atoti-server-directquery-bigquery

v0.9.15 suspicious
4.0
Medium Risk

Resources to use DirectQuery on Google BigQuery

⚠ Tarball exceeded 25 MB — source code analysis was limited to package metadata only.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows minimal risk in most categories but raises suspicion due to its single maintainer and potential network interactions with BigQuery.

  • Single maintainer account
  • Potential network calls to BigQuery
Per-check LLM notes
  • Network: Some network calls may be expected for packages interacting with external services like BigQuery.
  • Shell: No shell execution patterns were detected, which is normal and expected.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious intent.
  • Credentials: No credential harvesting patterns detected, suggesting no immediate threat to secrets or credentials.
  • Metadata: The maintainer has only one package, which could indicate a new or less active account, raising some suspicion but not conclusive evidence of malice.

📦 Package Quality Overall: Low (3.4/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected
○ Low Documentation 1.0

No documentation detected

  • No documentation URL, doc files, or meaningful description found
○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • Classifier: Typing :: Typed
◈ Medium Multiple Contributors 6.0

Limited contributor diversity

  • 2 unique contributor(s) across 100 commits in atoti/atoti
  • Two distinct contributors found

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: activeviam.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository atoti/atoti appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "ActiveViam" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with atoti-server-directquery-bigquery 
Build a simple Python application using the atoti-server-directquery-bigquery package to demonstrate its core features.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!