Package Metadata

Author: —
Email: Alexy Grabov <[email protected]>, Yafit Tupman <[email protected]>
PyPI: aws-resource-validator-signer
Python: >=3.11
Versions: 3 releases
First release: 29 Apr 2026, 21:01 UTC
Analysed: 08 Jun 2026, 11:25 UTC
Source files: 1 .py file scanned

Project Links

Classifiers

Development Status :: 5 - Production/StableIntended Audience :: DevelopersLicense :: OSI Approved :: Apache Software LicenseProgramming Language :: Python :: 3Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.13Topic :: Software Development :: Libraries :: Python Modules

🤖 AI Analysis

Final verdict: SAFE

The package shows no signs of malicious activity and has low risk scores across all categories except metadata, where there is some concern about the maintainer's author information.

No network calls or shell executions detected.
Maintainer's author information is incomplete.

Per-check LLM notes

Network: No network calls detected, which is not necessarily suspicious for a tool that validates AWS resources.
Shell: No shell execution patterns detected, indicating the package does not execute external commands.
Obfuscation: No obfuscation patterns detected, indicating low risk.
Credentials: No credential harvesting patterns detected, indicating low risk.
Metadata: The maintainer's author information is incomplete, suggesting potential lack of transparency or a new/inactive account.

📦 Package Quality Overall: Low (3.8/10)

○ Low Test Suite 1.0

No test suite detected

No test files or test-runner configuration detected

◈ Medium Documentation 5.0

Some documentation present

Brief PyPI description (297 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

Development Status classifier >= Beta

○ Low Type Annotations 1.0

No type annotations detected

No type annotations, py.typed marker, or stub files detected

✦ High Multiple Contributors 8.0

Active multi-contributor project

4 unique contributor(s) across 75 commits in CoreOxide/aws_resource_validator
Small but multi-author team (3–4 contributors)

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

✓ Code Obfuscation

No obfuscation patterns detected

✓ Shell / Subprocess Execution

No shell execution patterns detected

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: gmail.com>

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository CoreOxide/aws_resource_validator appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aws-resource-validator-signer

Create a Python-based utility application named 'AWS Resource Authenticator' that leverages the 'aws-resource-validator-signer' package to validate and sign AWS resources. This application will serve as a robust tool for developers and DevOps engineers to ensure the authenticity and integrity of their AWS resources before deploying them into production environments.

### Core Functionality:
1. **Resource Validation**: Implement a feature that allows users to input JSON configurations for various AWS services (e.g., S3 buckets, Lambda functions). The application will use Pydantic v2 models provided by 'aws-resource-validator-signer' to validate these configurations against predefined schemas. This ensures that the configuration files are correctly formatted and contain all necessary fields.
2. **Signing Process**: Once validation is successful, the application will automatically generate a digital signature for the validated resource configuration using AWS Signer. This signature will be attached to the configuration file, providing an additional layer of security and ensuring that the resource has not been tampered with during transit or storage.
3. **Output Delivery**: After signing, the application will output both the signed configuration file and a report detailing any issues found during the validation process. This report should be easy to read and understand, highlighting any potential security risks or configuration errors.

### Additional Features:
- **Customizable Validation Rules**: Allow users to define custom validation rules based on specific organizational policies or compliance requirements.
- **Batch Processing**: Enable the application to handle multiple resource configurations at once, making it more efficient for teams managing large numbers of AWS resources.
- **Integration with CI/CD Pipelines**: Provide documentation and examples on how to integrate 'AWS Resource Authenticator' into existing CI/CD pipelines, ensuring that all deployed resources are validated and signed before deployment.
- **Security Audit Logs**: Implement logging functionality that records all validation and signing activities, which can be useful for auditing purposes.

### Utilization of 'aws-resource-validator-signer':
- Use the Pydantic v2 models from 'aws-resource-validator-signer' to define and validate the structure of AWS resource configurations.
- Leverage the 'aws-resource-validator-signer' package's signing capabilities to securely sign validated configurations.
- Ensure that all interactions with AWS services through the application are secure and compliant with best practices.

Your task is to design and implement this utility application, ensuring it is user-friendly, efficient, and integrates seamlessly with existing AWS workflows.

💬 Discussion Feed

No discussion yet. Be the first to share your thoughts!

🤖 AI Analysis

📦 Package Quality Overall: Low (3.8/10)

🔬 Heuristic Checks

💡 AI App Starter Prompt

💬 Discussion Feed

Leave a comment

Report Abuse / Security Issue