Package Metadata

Author: —
Email: Stefan Kovalik <[email protected]>
PyPI: aurochs-core
Python: >=3.13
Versions: 1 release
First release: 09 May 2026, 23:08 UTC
Analysed: 07 Jun 2026, 22:30 UTC
Source files: 6 .py files scanned

Project Links

Classifiers

Development Status :: 3 - AlphaIntended Audience :: DevelopersLicense :: OSI Approved :: MIT LicenseOperating System :: MacOSOperating System :: Microsoft :: WindowsOperating System :: POSIX :: LinuxProgramming Language :: Python :: 3Programming Language :: Python :: 3.13Topic :: DatabaseTopic :: Software Development :: Libraries :: Python Modules

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows no signs of obfuscation or credential harvesting, but there are significant concerns about the git repository activity and maintainer history, suggesting potential risks that warrant further investigation.

High metadata risk due to suspicious git repository activity
Maintainer history raises concerns

Per-check LLM notes

Obfuscation: No obfuscation patterns detected, indicating low risk.
Credentials: No credential harvesting patterns detected, indicating low risk.
Metadata: High risk due to suspicious git repository activity and maintainer history.

📦 Package Quality Overall: Low (4.6/10)

✦ High Test Suite 9.0

Test suite present — 2 test file(s) found

Test runner config found: pyproject.toml
2 test file(s) detected (e.g. test_db.py)

◈ Medium Documentation 5.0

Some documentation present

Brief PyPI description (797 chars)

○ Low Contributing Guide 2.0

No contributing guide or governance files found

No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found

◈ Medium Type Annotations 5.0

Partial type annotation coverage

31 type-annotated function signatures detected in source

○ Low Multiple Contributors 2.0

Single-author or unverifiable project

1 unique contributor(s) across 2 commits in skovalik/aurochs-core
Single author with few commits — possibly a personal or throwaway project

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

✓ Code Obfuscation

No obfuscation patterns detected

✓ Shell / Subprocess Execution

No shell execution patterns detected

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: aurochs.agency>

✓ Suspicious Page Links

All external links appear legitimate

⚠ Git Repository History score 7.5

Git history flags: Repository has zero stars and zero forks

Repository has zero stars and zero forks
Very few commits: 2 total
Single contributor with only 2 commit(s) — possibly throwaway account

⚠ Maintainer History score 6.0

3 maintainer concern(s) found

Only one version has ever been released — brand new package
Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aurochs-core

Build a simple Python application using the aurochs-core package to demonstrate its core features.

💬 Discussion Feed

No discussion yet. Be the first to share your thoughts!

🤖 AI Analysis

📦 Package Quality Overall: Low (4.6/10)

🔬 Heuristic Checks

💡 AI App Starter Prompt

💬 Discussion Feed

Leave a comment

Report Abuse / Security Issue