Package Metadata

Author: —
Email: Alexy Grabov <[email protected]>, Yafit Tupman <[email protected]>
PyPI: aws-resource-validator-cloudhsmv2
Python: >=3.11
Versions: 3 releases
First release: 28 Apr 2026, 22:02 UTC
Analysed: 08 Jun 2026, 06:23 UTC
Source files: 1 .py file scanned

Project Links

Classifiers

Development Status :: 5 - Production/StableIntended Audience :: DevelopersLicense :: OSI Approved :: Apache Software LicenseProgramming Language :: Python :: 3Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.13Topic :: Software Development :: Libraries :: Python Modules

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows no immediate signs of malicious activity such as network calls, shell executions, or credential harvesting. However, the metadata risk score is elevated due to the author's new or inactive account and lack of proper identification, raising concerns about potential supply-chain risks.

Author with a new or inactive account
Lack of proper author identification

Per-check LLM notes

Network: No network calls detected, which is normal if the package does not require external API interactions.
Shell: No shell execution patterns detected, indicating the package likely does not execute external commands.
Obfuscation: No obfuscation patterns detected, indicating low risk.
Credentials: No credential harvesting patterns detected, indicating low risk.
Metadata: The author has a new or inactive account and lacks a proper author name, which raises some suspicion but not enough to definitively conclude malice.

📦 Package Quality Overall: Low (3.8/10)

○ Low Test Suite 1.0

No test suite detected

No test files or test-runner configuration detected

◈ Medium Documentation 5.0

Some documentation present

Brief PyPI description (309 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

Development Status classifier >= Beta

○ Low Type Annotations 1.0

No type annotations detected

No type annotations, py.typed marker, or stub files detected

✦ High Multiple Contributors 8.0

Active multi-contributor project

4 unique contributor(s) across 75 commits in CoreOxide/aws_resource_validator
Small but multi-author team (3–4 contributors)

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

✓ Code Obfuscation

No obfuscation patterns detected

✓ Shell / Subprocess Execution

No shell execution patterns detected

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: gmail.com>

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository CoreOxide/aws_resource_validator appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aws-resource-validator-cloudhsmv2

Create a Python-based command-line tool named 'CloudHSMV2Inspector' that leverages the 'aws-resource-validator-cloudhsmv2' package to validate and inspect AWS CloudHSM V2 clusters. This tool will help users ensure their CloudHSM V2 configurations meet specific criteria, such as security compliance, cost optimization, and performance metrics.

Step-by-Step Instructions:
1. Install necessary dependencies including 'aws-resource-validator-cloudhsmv2', 'boto3' for AWS SDK, and 'typer' for building the CLI.
2. Define a function to fetch the current state of all CloudHSM V2 clusters in the user's account using boto3.
3. Use 'aws-resource-validator-cloudhsmv2' models to validate the fetched data against predefined schemas that represent best practices and standards.
4. Implement a feature to generate a report summarizing the validation results, highlighting any discrepancies or potential improvements.
5. Add an option for users to specify custom validation rules via a configuration file.
6. Ensure the CLI tool supports interactive mode where users can input cluster names directly and get real-time validation feedback.
7. Develop a logging mechanism to track the execution of the tool and store reports for future reference.
8. Include error handling to gracefully manage common issues like missing permissions or invalid inputs.

Suggested Features:
- Support for multiple AWS regions.
- Integration with AWS CloudTrail logs for auditing purposes.
- Automated email notifications upon detecting critical issues.
- Option to export validation reports in various formats (CSV, PDF).
- Compatibility with different versions of Python (3.7+).

The 'aws-resource-validator-cloudhsmv2' package will primarily be used to define the structure and constraints for CloudHSM V2 resources, ensuring that the data retrieved from AWS matches expected formats and adheres to defined rules. This will enable users to quickly identify misconfigurations or potential vulnerabilities in their CloudHSM V2 deployments.

💬 Discussion Feed

No discussion yet. Be the first to share your thoughts!

🤖 AI Analysis

📦 Package Quality Overall: Low (3.8/10)

🔬 Heuristic Checks

💡 AI App Starter Prompt

💬 Discussion Feed

Leave a comment

Report Abuse / Security Issue