authentik-client

v2026.5.2 suspicious
4.0
Medium Risk

authentik

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package has a low risk score due to the absence of network calls, shell execution, obfuscation, and credential harvesting. However, the metadata quality concerns and missing repository link elevate its suspicion level.

  • Missing repository link
  • Low metadata quality
Per-check LLM notes
  • Network: No network calls detected, which is unusual for an authentication client but may be due to conditional logic not triggered during inspection.
  • Shell: No shell execution patterns detected, indicating no immediate signs of malicious activity.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package shows some red flags such as a missing repository and low metadata quality, but there's no clear indication of malicious intent.

📦 Package Quality Overall: Low (2.8/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (233521 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 384 type-annotated function signatures detected in source
○ Low Multiple Contributors 1.0

Could not retrieve contributor data from GitHub

  • GitHub API error: 404

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: goauthentik.io

Suspicious Page Links

All external links appear legitimate

Git Repository History score 3.0

Repository not found (deleted or private)

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author "authentik Team" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with authentik-client
Create a mini-application named 'Authentik-Manager' using Python's 'authentik-client' package. This application will serve as a user-friendly interface to manage user authentication and authorization within an authentik environment. The app should have the following functionalities:

1. User Management: Allow users to create, read, update, and delete (CRUD) accounts within the authentik environment.
2. Role Management: Users should be able to assign roles to other users and modify existing role assignments.
3. Authentication Flow Customization: Provide a feature where users can customize authentication flows, such as adding or removing steps in the login process.
4. Audit Logs: Implement a logging system that tracks all changes made through the application, including who made the change and when.
5. Integration Testing: Include automated tests to ensure that all CRUD operations work as expected and that the application integrates correctly with the authentik API.

To achieve these features, you'll need to utilize the 'authentik-client' package to interact with the authentik API endpoints for user management, role management, flow customization, and audit logs. The application should be designed with a simple command-line interface (CLI) for ease of use and should handle errors gracefully, providing clear feedback to the user when something goes wrong.
