autowt

v0.5.11 suspicious
4.0
Medium Risk

Customizable git worktree manager

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package has a moderate risk score due to potential shell execution risks and incomplete maintainer information.

  • Shell execution detected, indicating possible use of external commands
  • Incomplete maintainer information and lack of associated GitHub repository
Per-check LLM notes
  • Network: No network calls detected, which is typical for many packages.
  • Shell: Shell execution detected might indicate the package executes external commands, which could pose a risk if not properly sanitized or controlled.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package has no associated GitHub repository and the maintainer's information is incomplete, raising some suspicion but not definitive evidence of malice.

📦 Package Quality Overall: Low (4.4/10)

✦ High Test Suite 9.0

Test suite present — 37 test file(s) found

  • Test runner config found: conftest.py
  • Test runner config found: pyproject.toml
  • 37 test file(s) detected (e.g. conftest.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (3912 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 214 type-annotated function signatures detected in source
○ Low Multiple Contributors 1.0

Unable to verify contributor count: no GitHub repository found

  • No GitHub repository linked — contributor count unavailable

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 8.0

Found 4 shell execution pattern(s)

  • sibility result = subprocess.run( hook_script, shell=True,
  • """ try: result = subprocess.run( branch_name_cmd, shell=True,
  • try: result = subprocess.run( [cli_command, str(worktree_path)],
  • and try: result = subprocess.run( cmd, cwd=cwd, capture_output=capture_output, te
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: example.com

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with autowt
Create a Python-based Git Worktree Manager called 'GitTreeMaster' that leverages the 'autowt' package to streamline the management of multiple Git branches within a single repository. This tool should provide users with an intuitive interface to create, switch between, and delete worktrees, all while maintaining a clean and organized workspace.

### Core Features:
1. **Worktree Management**: Users should be able to easily create new worktrees from any branch or tag within their Git repository. The app should also allow them to switch between these worktrees seamlessly.
2. **Branch Synchronization**: Implement a feature that automatically updates the local branches in each worktree whenever changes are pushed to the remote repository.
3. **Conflict Resolution**: Integrate a mechanism to detect and resolve merge conflicts that may arise when switching between worktrees or updating branches.
4. **User Interface**: Develop a simple yet powerful command-line interface (CLI) for interacting with the tool. Consider adding options for advanced users to customize the behavior of certain commands.
5. **Documentation & Help**: Include comprehensive documentation and help sections within the CLI to guide users through the process of setting up and using GitTreeMaster effectively.

### Utilization of 'autowt':
- Use 'autowt' to handle the creation, deletion, and switching of worktrees. Customize its functionalities as needed to fit the specific requirements of GitTreeMaster.
- Explore the 'autowt' documentation to understand how you can extend its capabilities to support branch synchronization and conflict resolution.
- Ensure that the integration of 'autowt' into GitTreeMaster enhances the user experience by making complex Git operations more accessible and efficient.

### Development Steps:
1. **Setup Environment**: Begin by setting up your development environment with Python and installing the necessary packages, including 'autowt'.
2. **Design CLI Structure**: Plan out the structure of your CLI, including the commands and arguments that will be available to users.
3. **Implement Core Functionality**: Focus on implementing the core features listed above, starting with basic worktree management before moving onto more advanced functionalities like synchronization and conflict resolution.
4. **Testing & Debugging**: Thoroughly test your application to ensure it works as expected under various scenarios. Pay special attention to edge cases and potential errors.
5. **Enhancements & Optimization**: Once the basic functionality is working well, consider ways to enhance the user experience and optimize performance.
6. **Documentation & Deployment**: Write clear and concise documentation to accompany your application. Finally, prepare GitTreeMaster for deployment so that others can use it too.
