Package Metadata

Author: —
Email: Alexy Grabov <[email protected]>, Yafit Tupman <[email protected]>
PyPI: aws-resource-validator-security-ir
Python: >=3.11
Versions: 3 releases
First release: 29 Apr 2026, 21:00 UTC
Analysed: 08 Jun 2026, 11:14 UTC
Source files: 1 .py file scanned

Project Links

Classifiers

Development Status :: 5 - Production/StableIntended Audience :: DevelopersLicense :: OSI Approved :: Apache Software LicenseProgramming Language :: Python :: 3Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.13Topic :: Software Development :: Libraries :: Python Modules

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows no immediate signs of malicious activity such as network calls, shell executions, or obfuscation. However, the metadata risk score is elevated due to missing maintainer information and limited package history, raising concerns about potential supply-chain risks.

Metadata risk due to incomplete maintainer details
Single package from maintainer suggests less experience or potential risk

Per-check LLM notes

Network: No network calls detected, which is normal for a package that does not require external communications.
Shell: No shell execution patterns detected, indicating the package does not execute system commands.
Obfuscation: No obfuscation patterns detected, indicating low risk of malicious activity related to code obfuscation.
Credentials: No credential harvesting patterns detected, suggesting the package does not engage in unauthorized access or theft of secrets.
Metadata: The maintainer's author name is missing and has only one package, which might indicate a less experienced or potentially suspicious account.

📦 Package Quality Overall: Low (3.8/10)

○ Low Test Suite 1.0

No test suite detected

No test files or test-runner configuration detected

◈ Medium Documentation 5.0

Some documentation present

Brief PyPI description (312 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

Development Status classifier >= Beta

○ Low Type Annotations 1.0

No type annotations detected

No type annotations, py.typed marker, or stub files detected

✦ High Multiple Contributors 8.0

Active multi-contributor project

4 unique contributor(s) across 75 commits in CoreOxide/aws_resource_validator
Small but multi-author team (3–4 contributors)

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

✓ Code Obfuscation

No obfuscation patterns detected

✓ Shell / Subprocess Execution

No shell execution patterns detected

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: gmail.com>

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository CoreOxide/aws_resource_validator appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aws-resource-validator-security-ir

Develop a small, user-friendly command-line tool using Python that helps system administrators and developers validate the security compliance of their AWS resources based on specific security best practices and guidelines. This tool will utilize the 'aws-resource-validator-security-ir' package to ensure that the AWS resources meet certain security standards defined within the package's Pydantic v2 models.

The application should include the following features:
1. **AWS Resource Input**: Users should be able to input AWS resource details such as S3 buckets, RDS instances, EC2 instances, etc., either through command-line arguments or via a configuration file.
2. **Security Compliance Check**: The tool will validate each resource against predefined security checks and best practices, leveraging the 'aws-resource-validator-security-ir' package's models.
3. **Report Generation**: After validation, the tool should generate a comprehensive report detailing which resources passed the security checks and which did not, along with recommendations for improvement.
4. **Customizable Security Checks**: Allow users to customize the security checks by adding or removing specific checks from the predefined list provided by the 'aws-resource-validator-security-ir' package.
5. **Integration with AWS SDK**: Utilize the AWS SDK for Python (boto3) to fetch resource details directly from AWS, enhancing the tool's functionality and reducing manual input errors.
6. **User-Friendly Interface**: Ensure the command-line interface is intuitive and easy to use, providing clear instructions and error messages.
7. **Logging and Error Handling**: Implement logging to track operations and errors, and robust error handling to manage exceptions gracefully.

This project aims to streamline the process of ensuring AWS resources adhere to security best practices, thereby enhancing overall security posture. The 'aws-resource-validator-security-ir' package will be central to defining and validating these security checks, making it an essential component of the application.

💬 Discussion Feed

No discussion yet. Be the first to share your thoughts!

🤖 AI Analysis

📦 Package Quality Overall: Low (3.8/10)

🔬 Heuristic Checks

💡 AI App Starter Prompt

💬 Discussion Feed

Leave a comment

Report Abuse / Security Issue