AI Analysis
Final verdict: SUSPICIOUS
The package shows significant risks related to shell execution and potential code injection, raising concerns about its legitimacy and safety.
- High shell risk due to executing commands from external URLs
- Moderate obfuscation risk with use of 'pickle.loads'
Per-check LLM notes
- Network: Network calls could be legitimate for fetching resources needed for time-lapse creation, but should be reviewed to ensure URLs are trusted and data is handled securely.
- Shell: Executing commands from an external URL suggests potential for arbitrary code execution, which is highly suspicious and could indicate malicious activity.
- Obfuscation: The presence of 'pickle.loads' suggests potential for code injection if untrusted data is deserialized, indicating moderate risk.
- Credentials: No clear patterns indicative of credential harvesting were detected.
- Metadata: The author's information is incomplete and the account seems new or inactive, which raises some suspicion but not enough to be highly concerning.
Package Quality Overall: Medium (5.8/10)
β¦ High
Test Suite
9.0
Test suite present β 14 test file(s) found
14 test file(s) detected (e.g. test_cache_manager.py)
β Medium
Documentation
5.0
Some documentation present
Detailed PyPI description (11408 chars)
β Low
Contributing Guide
2.0
No contributing guide or governance files found
No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
β Medium
Type Annotations
5.0
Partial type annotation coverage
297 type-annotated function signatures detected in source
β¦ High
Multiple Contributors
8.0
Active multi-contributor project
3 unique contributor(s) across 100 commits in kokoeverest/Automatic-time-lapse-creatorSmall but multi-author team (3β4 contributors)
Heuristic Checks
Outbound Network Calls
score 7.5
Found 5 network call pattern(s)
try: response = requests.get(url, timeout=15) response.raise_for_status()try: response = requests.get(self.url, timeout=15) if response.status_code !=or {} self.session = requests.Session() super().__init__( location_natry: response = requests.get(self.url, timeout=5) response.raise_for_status()attempt with smtplib.SMTP(smtp_server, smtp_port, timeout=10) as server:
Code Obfuscation
score 4.0
Found 2 obfuscation pattern(s)
ce_for_pickle) restored = pickle.loads(data) assert restored.location_name == browser_source_fce_for_pickle) restored = pickle.loads(data) assert restored.location_name == persistent_brows
Shell / Subprocess Execution
score 2.0
Found 1 shell execution pattern(s)
"best", url] result = subprocess.run(command, capture_output=True, text=True) video_url =
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: gmail.com>
Suspicious Page Links
All external links appear legitimate
Git Repository History
Repository kokoeverest/Automatic-time-lapse-creator appears legitimate
Maintainer History
score 4.0
2 maintainer concern(s) found
Author name is missing or very shortAuthor "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with automatic-time-lapse-creator
Create a fully-functional mini-application called 'TimelapseCam' that utilizes the 'automatic-time-lapse-creator' Python package to generate time-lapse videos from webcam feeds. This application will serve as a user-friendly tool for anyone interested in capturing time-lapse videos of their surroundings. Hereβs a detailed breakdown of what the application should do: 1. **User Interface**: Design a simple, intuitive graphical user interface (GUI) using Tkinter or PyQt. The UI should include options for users to input their webcam URL or select a local camera source, set the interval at which images should be captured, specify the duration of the time-lapse session, and choose the output file path for the final video. 2. **Webcam Connection**: Implement functionality to connect to a specified webcam URL or local camera source. Ensure that the application can handle different types of camera connections gracefully. 3. **Image Scraping**: Use the 'automatic-time-lapse-creator' package to scrape images from the connected webcam at regular intervals based on the user-specified settings. The package should handle the image acquisition process efficiently. 4. **Time-Lapse Generation**: After collecting the images, the application should use the 'automatic-time-lapse-creator' package to compile these images into a high-quality time-lapse video. Users should be able to preview the generated video before saving it. 5. **Additional Features**: - **Video Quality Settings**: Allow users to adjust video quality parameters such as resolution and frame rate. - **Thumbnail Creation**: Automatically create a thumbnail for each time-lapse video generated. - **Progress Tracking**: Provide real-time progress tracking during the time-lapse generation process. 6. **Error Handling**: Implement robust error handling to manage issues like invalid URLs, connection failures, and file write errors. 7. **Documentation**: Write comprehensive documentation detailing how to install and use the 'TimelapseCam' application, including any dependencies required from the 'automatic-time-lapse-creator' package. 8. **Testing**: Conduct thorough testing to ensure the application works correctly under various scenarios, including edge cases and potential user mistakes. This project aims to provide an accessible and powerful tool for creating time-lapse videos directly from webcam feeds, leveraging the capabilities of the 'automatic-time-lapse-creator' package.
π¬ Discussion Feed
No discussion yet. Be the first to share your thoughts!
Report Abuse / Security Issue