attio

v0.22.8 suspicious
4.0
Medium Risk

Attio API client library from elviskahoro

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows low risks in terms of network calls, shell execution, obfuscation, and credential harvesting. However, it exhibits potential typosquatting behavior targeting 'attrs', and the author's metadata suggests low effort, raising suspicions about its legitimacy.

  • Potential typosquatting
  • Low-effort metadata

Per-check LLM notes

  • Network: No network calls detected, which is normal unless the package requires external services.
  • Shell: No shell execution patterns detected, indicating no immediate signs of malicious activity.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious obfuscation.
  • Credentials: No credential harvesting patterns detected, indicating low risk of secret theft.
  • Metadata: The author's new or inactive account and the lack of PyPI classifiers suggest low effort, which raises suspicion but is not conclusive evidence of malice.
  • Typosquatting target: attrs

📦 Package Quality Overall: Medium (5.2/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • Test runner config found: pyproject.toml

◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (44489 chars)

○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found

◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 145 type-annotated function signatures detected in source

✦ High Multiple Contributors 8.0

Active multi-contributor project

  • 3 unique contributor(s) across 91 commits in elviskahoro/attio-python-sdk
  • Small but multi-author team (3–4 contributors)

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting score 3.0

Possible typosquat of: attrs

  • "attio" is 2 edit(s) from "attrs"

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository elviskahoro/attio-python-sdk appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author "elviskahoro" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with attio
Create a mini-application that serves as a personal task manager utilizing the 'attio' package from elviskahoro. This application will allow users to manage their tasks efficiently through a command-line interface (CLI). The app should support adding new tasks, marking tasks as completed, listing all current tasks, and deleting tasks. Additionally, it should provide options to filter tasks based on completion status and priority level. Here's a detailed breakdown of the application's functionality:

1. **Task Addition**: Users should be able to add tasks along with a description, due date, and priority level (low, medium, high).
2. **Marking Tasks as Completed**: Users should have the ability to mark any task as completed.
3. **Listing Tasks**: The app should display all tasks, allowing for filtering by completion status (completed or not completed) and priority level.
4. **Deleting Tasks**: Users should be able to delete specific tasks by specifying the task ID.
5. **Priority Level Filtering**: Implement a feature that allows users to view only high-priority tasks.
6. **Completion Status Filtering**: Include a function that lists only completed or uncompleted tasks.
7. **User Input Validation**: Ensure that user inputs for dates and priorities are validated before being processed.
8. **Data Persistence**: Use the 'attio' package to store and retrieve task data, ensuring that tasks persist even after the application is closed and reopened.
9. **Command-Line Interface (CLI)**: Design a user-friendly CLI where users can interact with the application using simple commands.

The 'attio' package will be used primarily for storing and retrieving task data, leveraging its capabilities to maintain data persistence across sessions. Your task is to implement these functionalities using Python and the 'attio' package, ensuring that the application is robust, user-friendly, and efficient.
