AI Analysis
The package shows low risk for network calls, shell execution, obfuscation, and credential harvesting. However, the metadata risk score is elevated because the author details are incomplete and the author has published only a single package, which may be cause for suspicion.
- Incomplete author details
- Single package from the author
Per-check LLM notes
- Network: No network calls detected, which is normal if the package does not require external API interactions.
- Shell: No shell execution patterns detected, indicating no direct system command execution is occurring.
- Obfuscation: No obfuscation patterns detected, indicating low risk.
- Credentials: No credential harvesting patterns detected, indicating low risk.
- Metadata: The author's details are incomplete and the author has a single package, which could indicate a less experienced or potentially suspicious actor.
Package Quality Overall: Low (3.8/10)
No test suite detected
No test files or test-runner configuration detected
Some documentation present
Brief PyPI description (321 chars)
No contributing guide or governance files found
Development Status classifier >= Beta
No type annotations detected
No type annotations, py.typed marker, or stub files detected
Active multi-contributor project
4 unique contributor(s) across 75 commits in CoreOxide/aws_resource_validator
Small but multi-author team (3–4 contributors)
Heuristic Checks
No suspicious network call patterns found
No obfuscation patterns detected
No shell execution patterns detected
No credential harvesting patterns detected
No typosquatting candidates detected
Email domain looks legitimate: gmail.com
All external links appear legitimate
Repository CoreOxide/aws_resource_validator appears legitimate
2 maintainer concern(s) found
Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Develop a comprehensive utility named 'ControlCatalogInspector' that leverages the 'aws-resource-validator-controlcatalog' Python package to validate and inspect AWS Control Tower controls and compliance standards. This utility will serve as a tool for DevOps teams and security officers to ensure their AWS environments adhere to specified compliance frameworks such as PCI DSS, HIPAA, or custom organizational policies.

### Key Features:
1. **Control Validation**: Implement functionality to validate AWS Control Tower controls against a set of predefined criteria. These criteria could include checking if a control is enabled across all regions, if it meets specific version requirements, or if it aligns with certain compliance standards.
2. **Compliance Reporting**: Generate detailed reports summarizing the current state of compliance within an AWS environment. Reports should include information on which controls are compliant, non-compliant, or pending review, along with any relevant metadata.
3. **Customizable Compliance Checks**: Allow users to define their own compliance checks based on their organization's unique requirements. Users should be able to specify conditions under which a control passes or fails a compliance check.
4. **Integration with AWS SDK**: Utilize the 'boto3' library alongside 'aws-resource-validator-controlcatalog' to interact directly with AWS services and retrieve necessary data for validation and reporting purposes.
5. **User Interface**: Develop a simple command-line interface (CLI) for interacting with 'ControlCatalogInspector'. The CLI should support commands like `validate`, `report`, and `check` for performing validations, generating reports, and defining custom checks respectively.
6. **Logging and Error Handling**: Ensure robust error handling and logging mechanisms are in place to capture any issues encountered during validation processes or report generation.

### How 'aws-resource-validator-controlcatalog' is Utilized:
- **Model Definition**: Use the Pydantic v2 models provided by 'aws-resource-validator-controlcatalog' to define the structure of AWS Control Tower controls and compliance checks. These models will facilitate the parsing and validation of control data retrieved from AWS.
- **Validation Logic**: Leverage these models to implement the logic for validating controls against compliance criteria. For example, you might use model attributes to determine if a control meets version requirements or if it's applied consistently across regions.
- **Report Generation**: Incorporate the models into the report generation process to ensure reports accurately reflect the current state of compliance based on validated control data.