Package Metadata

Author: —
Email: Alexy Grabov <[email protected]>, Yafit Tupman <[email protected]>
PyPI: aws-resource-validator-iam
Python: >=3.11
Versions: 3 releases
First release: 29 Apr 2026, 07:48 UTC
Analysed: 08 Jun 2026, 08:13 UTC
Source files: 1 .py file scanned

Project Links

Classifiers

Development Status :: 5 - Production/StableIntended Audience :: DevelopersLicense :: OSI Approved :: Apache Software LicenseProgramming Language :: Python :: 3Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.13Topic :: Software Development :: Libraries :: Python Modules

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package has low technical risks but raises concerns due to missing maintainer information and potentially inactive account, which could indicate a supply-chain attack.

Missing maintainer's author name
Potentially inactive maintainer account

Per-check LLM notes

Network: No network calls detected, which is normal for packages that don't require external API interactions.
Shell: No shell execution patterns detected, indicating the package does not execute system commands.
Obfuscation: No obfuscation patterns detected, indicating low risk of malicious intent related to code obfuscation.
Credentials: No credential harvesting patterns detected, suggesting no immediate risk of unauthorized access to credentials.
Metadata: The maintainer's author name is missing and the account seems new or inactive, raising some concerns.

📦 Package Quality Overall: Low (3.8/10)

○ Low Test Suite 1.0

No test suite detected

No test files or test-runner configuration detected

◈ Medium Documentation 5.0

Some documentation present

Brief PyPI description (288 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

Development Status classifier >= Beta

○ Low Type Annotations 1.0

No type annotations detected

No type annotations, py.typed marker, or stub files detected

✦ High Multiple Contributors 8.0

Active multi-contributor project

4 unique contributor(s) across 75 commits in CoreOxide/aws_resource_validator
Small but multi-author team (3–4 contributors)

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

✓ Code Obfuscation

No obfuscation patterns detected

✓ Shell / Subprocess Execution

No shell execution patterns detected

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: gmail.com>

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository CoreOxide/aws_resource_validator appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aws-resource-validator-iam

Create a command-line tool named 'IAMPolicyChecker' using Python and the 'aws-resource-validator-iam' package. This tool will help system administrators and developers validate IAM policies against AWS best practices and security guidelines. The tool should have the following functionalities:

1. **Policy Validation**: Accept an IAM policy document as input either from a file or directly via the command line and use 'aws-resource-validator-iam' to validate it against AWS standards.
2. **Detailed Report Generation**: Generate a detailed report indicating whether the policy passes validation, along with specific reasons if it fails.
3. **Interactive Mode**: Offer an interactive mode where users can input policy details incrementally and receive real-time feedback on the validity of each section of the policy.
4. **Integration with AWS CLI**: Allow users to fetch existing IAM policies from their AWS account and automatically run them through the validator.
5. **Custom Rules Configuration**: Enable customization of validation rules based on organization-specific requirements, allowing for more tailored checks beyond just AWS defaults.
6. **Output Formats**: Support outputting the validation results in multiple formats such as JSON, YAML, or plain text, catering to different user preferences and integration needs.

The 'aws-resource-validator-iam' package plays a crucial role in this application by providing the necessary Pydantic v2 models that represent AWS IAM resources. These models are used to parse and validate the structure and content of IAM policies according to AWS specifications. By leveraging these models, the tool ensures that policies adhere to AWS best practices, enhancing overall security and compliance within organizations.

💬 Discussion Feed

No discussion yet. Be the first to share your thoughts!

🤖 AI Analysis

📦 Package Quality Overall: Low (3.8/10)

🔬 Heuristic Checks

💡 AI App Starter Prompt

💬 Discussion Feed

Leave a comment

Report Abuse / Security Issue