avrae-ls

v0.10.0 suspicious
5.0
Medium Risk

Language server for Avrae draconic aliases

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits moderate risks due to potential obfuscation techniques, which may be used to conceal malicious activities. However, it does not show clear signs of other common threats like shell execution or credential theft.

  • High obfuscation risk
  • Low activity in terms of metadata and credentials
Per-check LLM notes
  • Network: The network calls appear to be standard HTTP requests, likely for fetching resources or sending data, which is common for many packages.
  • Shell: No shell execution patterns detected, indicating low risk of direct command execution.
  • Obfuscation: The code shows signs of obfuscation which could be used to hide the true functionality of the code, raising concerns about its legitimacy.
  • Credentials: No clear patterns indicative of credential harvesting were detected.
  • Metadata: The maintainer has only one package and lacks PyPI classifiers, indicating low effort or newness, but no clear malicious indicators.

📦 Package Quality Overall: Low (2.8/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (6819 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 553 type-annotated function signatures detected in source
○ Low Multiple Contributors 1.0

Unable to verify contributor count: no GitHub repository found

  • No GitHub repository linked — contributor count unavailable

🔬 Heuristic Checks

Outbound Network Calls score 6.0

Found 4 network call pattern(s)

  • = ensured async with httpx.AsyncClient(timeout=5) as client: await asyncio.gather(*(_fe
  • ", key, url) with httpx.Client(timeout=5) as client: resp = client.get(url,
  • s None: session = httpx.AsyncClient(timeout=5) close_client = True try:
  • resp = httpx.post(url, json={"signature": signature}, headers=headers, timeout
Code Obfuscation score 6.0

Found 3 obfuscation pattern(s)

  • rror(e, expr) from e def eval(self, expr: str): """ Evaluates an expressio
  • ames = initial_names def eval(self, expr: str): retval = super().eval(expr)
  • tr): retval = super().eval(expr) if isinstance(retval, _Return): re
Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 4.0

2 maintainer concern(s) found

  • Author "1drturtle" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with avrae-ls 
Create a fully-functional mini-application called 'Draconic Alias Explorer' that leverages the Python package 'avrae-ls' to explore and manage Draconic Aliases in Avrae, an online tabletop RPG tool. This application will provide users with an interactive way to view, create, edit, and delete aliases, enhancing their gaming experience.

### Project Overview:
- **Application Name:** Draconic Alias Explorer
- **Core Functionality:**
  - Integrate 'avrae-ls' to establish a connection with the Draconic Aliases language server.
  - Allow users to browse through existing aliases.
  - Enable users to search for specific aliases using keywords.
  - Provide functionality to add new aliases.
  - Offer an interface to modify existing aliases.
  - Implement a feature to remove aliases.
- **Additional Features:**
  - Display alias usage statistics.
  - Include a help section explaining common commands and syntax.
  - Support for user authentication to ensure data privacy.
  - Basic error handling and validation for inputs.

### Implementation Steps:
1. **Setup Environment:** Install necessary packages including 'avrae-ls'. Ensure your environment is set up to handle Python requests and responses effectively.
2. **Connect to Language Server:** Use 'avrae-ls' to connect to the Draconic Aliases language server. Understand how to send and receive data from the server.
3. **Design User Interface:** Create a simple yet effective GUI using a library like PyQt or Tkinter. Design screens for browsing, searching, adding, editing, and deleting aliases.
4. **Implement Core Functionalities:** Write functions to interact with the language server. These should include fetching all aliases, searching for specific aliases, adding new ones, updating existing ones, and deleting them.
5. **Enhance with Additional Features:** Add features such as displaying usage statistics and providing a help section.
6. **Test Application:** Thoroughly test each function to ensure reliability and accuracy of the application.
7. **Deploy Application:** Package the application so it can be easily distributed and installed on other machines.

### Utilizing 'avrae-ls':
- The 'avrae-ls' package will be primarily used for establishing communication between your application and the Draconic Aliases language server. It will facilitate the sending and receiving of commands and data related to managing aliases.
- You will need to understand how to use 'avrae-ls' to request lists of aliases, retrieve details about individual aliases, and perform operations like adding, modifying, and removing aliases.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!