Package Metadata

Author: —
Email: Alexy Grabov <[email protected]>, Yafit Tupman <[email protected]>
PyPI: aws-resource-validator-sts
Python: >=3.11
Versions: 3 releases
First release: 29 Apr 2026, 22:06 UTC
Analysed: 08 Jun 2026, 11:50 UTC
Source files: 1 .py file scanned

Project Links

Classifiers

Development Status :: 5 - Production/StableIntended Audience :: DevelopersLicense :: OSI Approved :: Apache Software LicenseProgramming Language :: Python :: 3Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.13Topic :: Software Development :: Libraries :: Python Modules

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows minimal signs of malicious intent based on current analysis, but the metadata risk score due to the maintainer's account status and lack of proper identification raises some concern.

Low risk scores across all technical indicators.
Maintainer's metadata raises suspicion due to a new or inactive account and missing author name.

Per-check LLM notes

Network: No network calls detected, which is unusual but not necessarily indicative of malicious activity without further context.
Shell: No shell execution patterns detected, reducing immediate concerns about potential backdoors or C2 activities.
Obfuscation: No obfuscation patterns detected, indicating low risk of malicious code.
Credentials: No credential harvesting patterns detected, suggesting safe handling of sensitive information.
Metadata: The maintainer has a new or inactive account and lacks a proper author name, raising some suspicion but not conclusive evidence of malice.

📦 Package Quality Overall: Low (3.8/10)

○ Low Test Suite 1.0

No test suite detected

No test files or test-runner configuration detected

◈ Medium Documentation 5.0

Some documentation present

Brief PyPI description (288 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

Development Status classifier >= Beta

○ Low Type Annotations 1.0

No type annotations detected

No type annotations, py.typed marker, or stub files detected

✦ High Multiple Contributors 8.0

Active multi-contributor project

4 unique contributor(s) across 75 commits in CoreOxide/aws_resource_validator
Small but multi-author team (3–4 contributors)

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

✓ Code Obfuscation

No obfuscation patterns detected

✓ Shell / Subprocess Execution

No shell execution patterns detected

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: gmail.com>

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository CoreOxide/aws_resource_validator appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aws-resource-validator-sts

Create a Python-based command-line utility named 'AWS STS Validator' that leverages the 'aws-resource-validator-sts' package to validate AWS Security Token Service (STS) related resources. This tool will serve as a quick and efficient way for developers and system administrators to ensure their STS configurations meet specific criteria or standards, helping to maintain security best practices.

Step 1: Set up the Project
- Initialize a new Python virtual environment and install necessary packages including 'aws-resource-validator-sts'.
- Create a main script file (e.g., 'main.py') where the application logic will reside.

Step 2: Define Validation Rules
- Use the models provided by 'aws-resource-validator-sts' to define validation rules for different aspects of STS configurations such as policies, roles, and permissions.
- Implement these rules in functions that accept STS configuration data as input and return validation results.

Step 3: Build Command Line Interface
- Utilize a library like Click or Argparse to create a CLI for the application.
- Allow users to specify the type of resource they want to validate (e.g., 'sts-policy', 'sts-role').
- Provide options for specifying the source of the configuration data (file path, URL).

Step 4: Implement Data Loading Mechanisms
- Develop functions to load STS configuration data from various sources (files, URLs).
- Ensure the data is parsed correctly into a format compatible with the validation functions.

Step 5: Execute Validation and Display Results
- Integrate the validation functions with the CLI so that when a user specifies a resource and its source, the tool loads the data, validates it according to predefined rules, and outputs the results.
- Results should include both pass/fail status and any specific issues identified during validation.

Step 6: Add Additional Features
- Consider adding support for multiple validation profiles or templates.
- Implement logging functionality to record validation activities and outcomes.
- Offer suggestions for improving configurations based on failed validations.

By following these steps, you'll have developed a powerful yet easy-to-use tool for validating AWS STS configurations, utilizing the 'aws-resource-validator-sts' package to streamline the process.

💬 Discussion Feed

No discussion yet. Be the first to share your thoughts!

🤖 AI Analysis

📦 Package Quality Overall: Low (3.8/10)

🔬 Heuristic Checks

💡 AI App Starter Prompt

💬 Discussion Feed

Leave a comment

Report Abuse / Security Issue