avia-cli

v0.1.0 suspicious
5.0
Medium Risk

Command line client for Avia dataset upload and browser authentication

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits moderate risks due to its execution of shell commands and the lack of activity in its repository. While there's no direct evidence of malicious intent, the package should be reviewed more thoroughly before use.

  • Shell risk due to subprocess.run usage
  • Limited repository activity and maintainer history
Per-check LLM notes
  • Network: The use of 'requests.Session' is common for making HTTP requests and does not inherently indicate malicious intent.
  • Shell: Executing shell commands via 'subprocess.run' can be risky if not properly sanitized or controlled, suggesting potential for misuse.
  • Obfuscation: No obfuscation patterns detected.
  • Credentials: The observed pattern is likely for user input of an API key and does not indicate malicious activity.
  • Metadata: The repository is new with no activity, and the maintainer has limited history, raising suspicion.

📦 Package Quality Overall: Low (3.8/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected
◈ Medium Documentation 5.0

Some documentation present

  • Brief PyPI description (637 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 106 type-annotated function signatures detected in source
◈ Medium Multiple Contributors 6.0

Limited contributor diversity

  • 2 unique contributor(s) across 6 commits in Shengguang-Zhou/AviaCLI
  • Two distinct contributors found

🔬 Heuristic Checks

Outbound Network Calls score 1.5

Found 1 network call pattern(s)

  • rust_env: bool): with requests.Session() as session: session.trust_env = trust_env
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 2.0

Found 1 shell execution pattern(s)

  • key}: {value}')}") proc = subprocess.run( [ curl, "-fsS",
Credential Harvesting score 2.5

Found 1 credential access pattern(s)

  • din.read().strip() return getpass.getpass("Avia API key: ").strip() def _manual_token_requested(args
Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History score 5.0

Git history flags: Repository created very recently: 7 day(s) ago (2026-06-01T13:45:27Z)

  • Repository created very recently: 7 day(s) ago (2026-06-01T13:45:27Z)
  • Repository has zero stars and zero forks
Maintainer History score 4.0

2 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author "Eurekai" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with avia-cli 
Create a mini-application named 'AviaDataUploader' that leverages the 'avia-cli' package to streamline the process of uploading datasets to the Avia platform and managing user authentication. This application should serve as a command-line interface (CLI) tool, making it easy for users to interact with their data on Avia without needing to navigate through a web interface. Below are the key functionalities and steps for building this application:

1. **User Authentication:** Implement a login feature that allows users to authenticate themselves using the 'avia-cli' package's browser-based authentication method. This should involve opening a URL in the user's default browser where they can log in with their credentials. Once authenticated, the application should store a token securely for future use.
2. **Dataset Upload:** Develop a feature that enables users to upload datasets directly from their local machine to their Avia account. Users should be able to specify the file path of the dataset they wish to upload. The application should handle the upload process using the 'avia-cli' package, ensuring progress updates are provided during the upload.
3. **Dataset Management:** After successful uploads, the application should provide options for managing these datasets. Features could include listing all uploaded datasets, deleting specific datasets, and renaming them if supported by the Avia platform.
4. **Configuration Settings:** Allow users to configure settings such as preferred upload directories, default dataset names, and other preferences that can simplify repeated tasks.
5. **Help and Documentation:** Ensure that the application includes comprehensive help documentation accessible via command-line options. This should cover common commands, error messages, and troubleshooting tips.

By following these guidelines, you'll create a powerful and user-friendly CLI tool that integrates seamlessly with the Avia platform, enhancing the efficiency of dataset management for its users.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!