autostartd

v0.1.4 suspicious
6.0
Medium Risk

Cross-platform autostart manager for Windows Task Scheduler and Linux Supervisor

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows signs of obfuscation and credential harvesting risks, which could be indicative of malicious intent, especially given its shell execution capabilities that can lead to privilege escalation.

  • Use of base64 decoding without proper error handling, suggesting potential for hiding malicious code or data.
  • Direct use of getpass.getpass for user input collection, which might be used to harvest sensitive information.
Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package requires external services.
  • Shell: Detection of shell execution suggests potential for privilege escalation and software installation, which may indicate unexpected behavior unless documented purposes include system administration tasks.
  • Obfuscation: The use of base64 decoding without proper error handling suggests potential for hiding malicious code or data.
  • Credentials: Direct use of getpass.getpass and lack of context suggest potential for harvesting user input, possibly including sensitive information like passwords.
  • Metadata: The maintainer has only one package, indicating a potentially new or less active account, but no other red flags are present.

📦 Package Quality Overall: Low (2.0/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (5252 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
○ Low Type Annotations 1.0

No type annotations detected

  • No type annotations, py.typed marker, or stub files detected
○ Low Multiple Contributors 1.0

Unable to verify contributor count: no GitHub repository found

  • No GitHub repository linked — contributor count unavailable

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation score 2.0

Found 1 obfuscation pattern(s)

  • lue): try: return base64.b64decode(value.encode("ascii")).decode("utf-8") except Exception:
Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • "sh", "-c", cmd] result = subprocess.run(full_cmd, input=f"{password}\n", capture_output=True, text=T
  • ext=prompt_text) result = subprocess.run(["sudo", "-S", "-k", "-v"], input=f"{password}\n", capture_o
  • = get_python_executable() subprocess.run([python_cmd, "-m", "pip", "install", "--upgrade", "pyre-tool
  • use_color=True) process = subprocess.Popen( [python_cmd, "-m", "pyre", script_path], st
  • if capture: return subprocess.run(cmd, shell=shell, capture_output=True, text=True, errors="re
  • errors="replace") return subprocess.run(cmd, shell=shell) def input_nonempty(prompt, max_attempts=
Credential Harvesting score 5.0

Found 2 credential access pattern(s)

  • mpt): try: return getpass.getpass(prompt) except UnicodeEncodeError: safe_print(pr
  • rompt, end="") return getpass.getpass("") def sudo_run(cmd, password=None): """Run sudo comm
Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Dawalishi" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with autostartd 
Create a cross-platform system monitoring tool named 'AutoGuard' that leverages the 'autostartd' package to ensure critical system processes start automatically on boot and continue running even if they crash. AutoGuard will support both Windows and Linux environments, using Windows Task Scheduler and Linux Supervisor respectively for process management.

Step-by-Step Requirements:
1. Develop a user-friendly command-line interface (CLI) for AutoGuard that allows users to add, remove, and manage processes.
2. Implement functionality within AutoGuard to monitor specified processes for crashes or unresponsiveness.
3. Utilize the 'autostartd' package to configure these processes to restart automatically if they fail.
4. Ensure that AutoGuard itself starts up automatically when the system boots, using 'autostartd' for cross-platform compatibility.
5. Include logging capabilities to record process status changes and system events for troubleshooting purposes.
6. Provide a feature to set custom intervals for health checks of the monitored processes.
7. Integrate a notification system (e.g., email alerts) to inform administrators about critical issues related to the monitored processes.

Suggested Features:
- Support for multiple processes per user account.
- Ability to specify startup dependencies between processes.
- Detailed logs with timestamps and error messages.
- Customizable alert thresholds for process downtime.
- Option to configure process priority levels.

How 'autostartd' is Utilized:
- For each process managed by AutoGuard, use 'autostartd' to create appropriate entries in the Windows Task Scheduler or Linux Supervisor based on the operating system.
- Leverage 'autostartd' to ensure that AutoGuard itself is configured to run at startup, maintaining cross-platform consistency.
- Use 'autostartd' functionalities to manage the lifecycle of the processes, including their automatic restarts upon failure.

Your task is to design and implement AutoGuard as a fully-functional mini-app that not only showcases the capabilities of the 'autostartd' package but also provides practical value for system administrators managing critical processes across different platforms.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!