aws-resource-validator-supplychain

v2.0.3 suspicious
4.0
Medium Risk

Pydantic v2 models for AWS supplychain, shipped as a PEP 420 namespace extension of aws-resource-validator.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows minimal network, shell, obfuscation, and credential risk. However, the incomplete author information and the fact that the maintainer has only one package are concerning and suggest potential supply-chain risk.

  • Incomplete author information
  • Maintainer has only one package

Per-check LLM notes
  • Network: No network calls detected, which is normal if the package does not require external API interactions.
  • Shell: No shell execution patterns detected, indicating no immediate risk of executing arbitrary commands.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious activity.
  • Credentials: No credential harvesting patterns detected, indicating low risk of malicious activity.
  • Metadata: The author information is incomplete and the maintainer has only one package, which could indicate a less experienced or potentially suspicious account.

📦 Package Quality Overall: Low (3.8/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected

◈ Medium Documentation 5.0

Some documentation present

  • Brief PyPI description (312 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta

○ Low Type Annotations 1.0

No type annotations detected

  • No type annotations, py.typed marker, or stub files detected

✦ High Multiple Contributors 8.0

Active multi-contributor project

  • 4 unique contributor(s) across 75 commits in CoreOxide/aws_resource_validator
  • Small but multi-author team (3–4 contributors)

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository CoreOxide/aws_resource_validator appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aws-resource-validator-supplychain

Create a Python-based mini-application called 'SupplyChainInspector' that leverages the 'aws-resource-validator-supplychain' package to validate and inspect AWS resources within a supply chain context. This tool will serve as an audit utility for organizations looking to ensure compliance and security across their AWS supply chain operations.

Step-by-Step Guide:
1. Initialize a new Python project and install the necessary dependencies including 'aws-resource-validator-supplychain'.
2. Design the application to accept input in the form of AWS resource configurations, either via a file upload or direct input from the user.
3. Implement functionality to parse these configurations using Pydantic models provided by 'aws-resource-validator-supplychain', ensuring that all inputs adhere to the expected structure and constraints.
4. Develop a validation module that checks each resource against predefined criteria such as cost optimization, security best practices, and compliance standards specific to supply chain management.
5. Integrate an output feature that provides a detailed report on the health and compliance status of the inspected AWS resources.
6. Optionally, implement a feature that suggests improvements or remediation actions based on the validation results.
7. Ensure the application is user-friendly, providing clear instructions and feedback throughout the process.

Suggested Features:
- Support for multiple AWS resource types relevant to supply chain operations.
- Customizable validation rules allowing users to set their own compliance standards.
- An intuitive UI/CLI interface for ease of use.
- Detailed logging and reporting capabilities.
- Integration with existing monitoring tools or dashboards for continuous tracking.

How 'aws-resource-validator-supplychain' is Utilized:
- The package's Pydantic models will be used to define the schema for AWS resource configurations, ensuring that all input data is correctly formatted and validated before processing.
- These models will also facilitate the enforcement of supply chain-specific validation rules, making it easier to maintain compliance and security across different stages of the supply chain.
