aws-resource-validator-apigatewayv2

v2.0.3 suspicious
4.0
Medium Risk

Pydantic v2 models for AWS apigatewayv2, shipped as a PEP 420 namespace extension of aws-resource-validator.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows low risks in terms of network, shell, and obfuscation activities, with no signs of credential harvesting. However, the metadata risk score is elevated due to incomplete author information and potentially inactive account, which warrants further scrutiny.

  • Incomplete author information
  • Potentially inactive account
Per-check LLM notes
  • Network: No network calls detected, which is unusual but not necessarily indicative of malicious activity; it depends on the package's intended functionality.
  • Shell: No shell execution patterns detected, suggesting no immediate risk from command execution vulnerabilities.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The author's information is incomplete and the account seems new or inactive, raising some suspicion but not conclusive evidence of malice.

📦 Package Quality Overall: Low (3.8/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected
◈ Medium Documentation 5.0

Some documentation present

  • Brief PyPI description (315 chars)
○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
○ Low Type Annotations 1.0

No type annotations detected

  • No type annotations, py.typed marker, or stub files detected
✦ High Multiple Contributors 8.0

Active multi-contributor project

  • 4 unique contributor(s) across 75 commits in CoreOxide/aws_resource_validator
  • Small but multi-author team (3–4 contributors)

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository CoreOxide/aws_resource_validator appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aws-resource-validator-apigatewayv2 
Create a Python-based CLI tool named 'APIGatewayV2Validator' that leverages the 'aws-resource-validator-apigatewayv2' package to validate and display information about API Gateway V2 resources. This tool should allow users to input their AWS API Gateway V2 resource definitions in JSON format and then validate these against the Pydantic models provided by the 'aws-resource-validator-apigatewayv2' package. Upon validation, the tool should output whether the resource definition is valid and provide details such as the API name, route keys, integration types, and any other relevant information. Additionally, implement error handling to catch and report common issues like missing required fields or incorrect data types. As an advanced feature, include the ability to automatically correct simple errors, such as fixing a typo in a route key, and notify the user of these corrections. Finally, ensure the tool is well-documented and easy to use, with clear instructions on installation and usage.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!