auto-rxn

v2026.5.0 suspicious
4.0
Medium Risk

(No description)

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package has a moderate risk score due to potential shell execution risks and concerns about the maintainer's metadata. These factors suggest a need for caution.

  • Shell risk due to potential file editing commands.
  • Maintainer metadata is incomplete or new, raising suspicion.

Per-check LLM notes
  • Network: No network calls detected.
  • Shell: Shell execution appears to be related to opening files with the user's preferred editor, which is not inherently malicious but could pose risks if exploited.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious activity related to code obfuscation.
  • Credentials: No credential harvesting patterns detected, suggesting no immediate risk of secret or credential theft.
  • Metadata: The maintainer's author name is missing or very short and seems to be new or inactive, which raises some concern.

📦 Package Quality Overall: Medium (5.8/10)

✦ High Test Suite 9.0

Test suite present — 5 test file(s) found

  • 5 test file(s) detected (e.g. test_children.py)

◈ Medium Documentation 5.0

Some documentation present

  • Brief PyPI description (497 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta

◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 8 type-annotated function signatures (partial)

◈ Medium Multiple Contributors 6.0

Limited contributor diversity

  • 2 unique contributor(s) across 48 commits in uw-madison-chem-shops/auto_rxn
  • Two distinct contributors found

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • rtswith("win32"): subprocess.run([os.environ.get("EDITOR", "notepad.exe"), str(path)])
  • )]) else: subprocess.run([os.environ.get("EDITOR", "vi"), path]) try:
  • TOR", "notepad.exe")) subprocess.run([editor, str(path)]) else: subprocess.run([os.en
  • str(path)]) else: subprocess.run([os.environ.get("EDITOR", "vi"), str(path)]) @main.command
  • TOR", "notepad.exe")) subprocess.run([editor, str(script_path)]) else: subprocess.run
  • ipt_path)]) else: subprocess.run([os.environ.get("EDITOR", "vi"), str(script_path)]) @main.

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository uw-madison-chem-shops/auto_rxn appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with auto-rxn
Create a chemical reaction prediction tool using the 'auto-rxn' Python package. This tool will allow users to input two molecules and predict the possible reactions between them based on existing chemical databases and machine learning models. The application should have a user-friendly interface where users can input SMILES strings for the reactants. It should then use 'auto-rxn' to predict the products of the reaction and display these predictions along with their confidence scores. Additionally, the tool should be able to visualize the molecular structures of the reactants and predicted products using a library like RDKit. Some suggested features include:

1. Input validation for ensuring the entered SMILES strings are valid.
2. An option to save the reaction predictions and molecular structures to a file.
3. Integration with a web framework like Flask to create a web-based version of the tool.
4. A feature to show relevant literature references for the predicted reactions if available.
5. Error handling to provide meaningful feedback when the input is invalid or no reactions are found.

To utilize 'auto-rxn', you'll need to install it via pip and familiarize yourself with its API for predicting reactions from SMILES strings. The core functionality will involve calling 'auto-rxn' functions to process the inputs and generate predictions, which will then be displayed to the user.
