autourgos-core

v1.0.1 suspicious
6.0
Medium Risk

Core tool system for the Autourgos agentic AI framework — Tool class, @tool decorator, and schema generation.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package arourgos-core v1.0.1 exhibits a high obfuscation risk due to the use of eval with user input, which can lead to code injection vulnerabilities. Despite no clear signs of credential harvesting or direct malicious intent, the overall risk is elevated.

  • High obfuscation risk due to eval usage with user input.
  • Signs of a potentially low-effort package release.
Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package is expected to perform network operations.
  • Shell: No shell execution patterns detected, indicating the package does not execute external commands.
  • Obfuscation: The use of eval with user input is highly suspicious and can be used for code injection, indicating potential malicious intent.
  • Credentials: No obvious patterns for harvesting credentials or secrets were detected.
  • Metadata: The package shows signs of being new and potentially low-effort, but there are no clear red flags indicating malicious intent.

📦 Package Quality Overall: Low (3.8/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • 1 test file(s) detected (e.g. test_base_agent.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (9492 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 75 type-annotated function signatures detected in source
○ Low Multiple Contributors 1.0

Unable to verify contributor count: no GitHub repository found

  • No GitHub repository linked — contributor count unavailable

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation score 4.0

Found 2 obfuscation pattern(s)

  • str: return str(eval(expression)) """ def decorator(f: Callable) -> S
  • framework. """ __path__ = __import__('pkgutil').extend_path(__path__, __name__) from .base_agent import
Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 6.0

3 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author "Sonia & Om" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with autourgos-core 
Your task is to create a simple yet powerful personal task manager using the 'autourgos-core' Python package. This app will allow users to manage their daily tasks, set reminders, and integrate with other tools through the use of the package's core functionalities.

Steps to follow:
1. Install the 'autourgos-core' package and import its necessary modules.
2. Define a Task class that represents individual tasks, including attributes such as title, description, due date, priority level, and completion status.
3. Implement a TaskManager class that manages a collection of tasks. This class should have methods to add, delete, update, and retrieve tasks.
4. Use the @tool decorator provided by 'autourgos-core' to create command-line interfaces for adding, deleting, updating, and listing tasks.
5. Integrate a reminder system that sends notifications when tasks are due. You can simulate these notifications in the console for now.
6. Extend the functionality by allowing users to tag tasks with labels for better organization.
7. Finally, implement a feature that generates a JSON schema based on the Task class structure, using the schema generation capabilities of 'autourgos-core'.

Suggested Features:
- User-friendly CLI for managing tasks.
- Ability to filter tasks by label/tag.
- Priority-based sorting of tasks.
- Support for recurring tasks.
- Integration with external calendar services for synchronization.

How 'autourgos-core' is Utilized:
- The Tool class from 'autourgos-core' will serve as the foundation for your CLI commands.
- The @tool decorator simplifies the creation of command-line interfaces for interacting with the TaskManager.
- Schema generation helps in defining and validating the structure of task data, ensuring consistency and ease of integration with other systems.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!