Package Metadata

Author: —
Email: Alexy Grabov <[email protected]>, Yafit Tupman <[email protected]>
PyPI: aws-resource-validator-inspector2
Python: >=3.11
Versions: 3 releases
First release: 29 Apr 2026, 08:53 UTC
Analysed: 08 Jun 2026, 08:20 UTC
Source files: 1 .py file scanned

Project Links

Classifiers

Development Status :: 5 - Production/StableIntended Audience :: DevelopersLicense :: OSI Approved :: Apache Software LicenseProgramming Language :: Python :: 3Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.13Topic :: Software Development :: Libraries :: Python Modules

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows no immediate signs of malicious activity such as network calls or shell executions. However, the metadata risk due to the maintainer's incomplete profile and newness raises some suspicion.

Incomplete maintainer profile
New maintainer account

Per-check LLM notes

Network: No network calls detected, which is normal if the package does not require external API interactions.
Shell: No shell execution detected, which is expected unless the package needs to execute commands on the host system.
Obfuscation: No obfuscation patterns detected, indicating low risk of malicious intent.
Credentials: No credential harvesting patterns detected, suggesting safe handling of secrets and credentials.
Metadata: The maintainer has an incomplete profile and a new account with only one package, which raises some suspicion but does not conclusively indicate malicious intent.

📦 Package Quality Overall: Low (3.8/10)

○ Low Test Suite 1.0

No test suite detected

No test files or test-runner configuration detected

◈ Medium Documentation 5.0

Some documentation present

Brief PyPI description (309 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

Development Status classifier >= Beta

○ Low Type Annotations 1.0

No type annotations detected

No type annotations, py.typed marker, or stub files detected

✦ High Multiple Contributors 8.0

Active multi-contributor project

4 unique contributor(s) across 75 commits in CoreOxide/aws_resource_validator
Small but multi-author team (3–4 contributors)

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

✓ Code Obfuscation

No obfuscation patterns detected

✓ Shell / Subprocess Execution

No shell execution patterns detected

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: gmail.com>

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository CoreOxide/aws_resource_validator appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aws-resource-validator-inspector2

Create a Python-based application named 'Inspector2Audit' that leverages the 'aws-resource-validator-inspector2' package to validate and audit AWS Inspector2 findings against a set of predefined security policies. This application should serve as a tool for DevOps teams and security professionals to quickly assess whether their AWS resources comply with specific security standards. Here are the steps and features you should implement:

1. **Setup Project Environment**: Initialize a new Python project and install the necessary packages including 'aws-resource-validator-inspector2', 'boto3' for AWS SDK, and 'pydantic' for model validation.
2. **Define Security Policies**: Create a module within your project where you define various security policies using Pydantic models provided by 'aws-resource-validator-inspector2'. These policies could include rules like 'No Public S3 Buckets', 'IAM Password Policy Compliance', etc.
3. **Fetch Inspector2 Findings**: Implement a function that uses boto3 to fetch findings from AWS Inspector2. This function should be able to filter findings based on resource type, severity, or any other relevant criteria.
4. **Validation Logic**: Develop a mechanism within your application to validate fetched findings against the defined security policies. Use Pydantic models from 'aws-resource-validator-inspector2' to ensure that the findings adhere to the specified standards.
5. **Reporting Mechanism**: Integrate a reporting feature into your application that generates a summary report detailing which findings pass or fail the security checks. The report should be easily readable and include recommendations for remediation.
6. **CLI Interface**: Finally, create a command-line interface (CLI) for your application, allowing users to run audits and generate reports with minimal configuration. Users should be able to specify the AWS region, security policies to apply, and output format (e.g., JSON, CSV).

By following these steps, you will have developed a comprehensive tool that not only leverages the capabilities of 'aws-resource-validator-inspector2' but also provides significant value to organizations looking to enhance their AWS security posture.

💬 Discussion Feed

No discussion yet. Be the first to share your thoughts!

🤖 AI Analysis

📦 Package Quality Overall: Low (3.8/10)

🔬 Heuristic Checks

💡 AI App Starter Prompt

💬 Discussion Feed

Leave a comment

Report Abuse / Security Issue