Package Metadata

Author: —
Email: Alexy Grabov <[email protected]>, Yafit Tupman <[email protected]>
PyPI: aws-resource-validator-accessanalyzer
Python: >=3.11
Versions: 3 releases
First release: 28 Apr 2026, 18:06 UTC
Analysed: 08 Jun 2026, 05:12 UTC
Source files: 1 .py file scanned

Project Links

Classifiers

Development Status :: 5 - Production/StableIntended Audience :: DevelopersLicense :: OSI Approved :: Apache Software LicenseProgramming Language :: Python :: 3Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.13Topic :: Software Development :: Libraries :: Python Modules

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows no immediate signs of malicious intent based on network, shell, obfuscation, and credential risks. However, the metadata risk score is elevated due to incomplete author information and a possibly inactive account, warranting further investigation.

Incomplete author information
Possibly inactive author account

Per-check LLM notes

Network: No network calls detected, which is normal for packages not requiring external API interactions.
Shell: No shell execution patterns detected, indicating the package does not execute system commands.
Obfuscation: No obfuscation patterns detected, suggesting legitimate functionality.
Credentials: No credential harvesting patterns detected, indicating safe handling of sensitive information.
Metadata: The author's information is incomplete and the account seems new or inactive, raising some suspicion but not conclusive evidence of malice.

📦 Package Quality Overall: Low (3.8/10)

○ Low Test Suite 1.0

No test suite detected

No test files or test-runner configuration detected

◈ Medium Documentation 5.0

Some documentation present

Brief PyPI description (321 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

Development Status classifier >= Beta

○ Low Type Annotations 1.0

No type annotations detected

No type annotations, py.typed marker, or stub files detected

✦ High Multiple Contributors 8.0

Active multi-contributor project

4 unique contributor(s) across 75 commits in CoreOxide/aws_resource_validator
Small but multi-author team (3–4 contributors)

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

✓ Code Obfuscation

No obfuscation patterns detected

✓ Shell / Subprocess Execution

No shell execution patterns detected

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: gmail.com>

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository CoreOxide/aws_resource_validator appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aws-resource-validator-accessanalyzer

Develop a Python-based command-line tool named 'AccessAnalyzerValidator' that leverages the 'aws-resource-validator-accessanalyzer' package to validate AWS resources against Amazon Access Analyzer findings. This tool should enable users to input details of their AWS resources and then check if these resources adhere to best security practices according to Access Analyzer. The application should provide feedback on potential security risks and suggest improvements where necessary.

Key Features:
1. User Input: Accepts resource details such as S3 bucket policies, IAM roles, etc., either via command line arguments or from a configuration file.
2. Validation Process: Utilizes 'aws-resource-validator-accessanalyzer' to analyze the provided resource details against known Access Analyzer findings.
3. Feedback Mechanism: Outputs a report detailing any issues found, including suggestions for mitigating risks.
4. Configuration Options: Allows customization of validation criteria through a configuration file or command-line flags.
5. Detailed Documentation: Includes comprehensive documentation explaining how to use the tool effectively.

Steps to Build the Application:
1. Set up a virtual environment and install the required dependencies, including 'aws-resource-validator-accessanalyzer'.
2. Design the main class or function that will handle user inputs and call the validation process.
3. Implement the validation logic using models from 'aws-resource-validator-accessanalyzer', ensuring it accurately reflects the security standards set by Access Analyzer.
4. Develop a reporting system that clearly communicates the results of the validation process to the user.
5. Add support for reading configurations from files and command-line options to tailor the validation process.
6. Write unit tests to ensure the application works as expected under various conditions.
7. Prepare detailed documentation covering installation, usage, and examples.
8. Deploy the application as a standalone executable that can be easily distributed.

This project aims to simplify the process of validating AWS resources against security guidelines, helping developers and administrators maintain robust security postures without needing deep expertise in Access Analyzer.

💬 Discussion Feed

No discussion yet. Be the first to share your thoughts!

🤖 AI Analysis

📦 Package Quality Overall: Low (3.8/10)

🔬 Heuristic Checks

💡 AI App Starter Prompt

💬 Discussion Feed

Leave a comment

Report Abuse / Security Issue