aws-scripts

v0.1.23 · Verdict: Suspicious · Risk score: 6.0 (Medium Risk)

Some useful AWS scripts I use from time to time

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows moderate risk due to its potential for executing arbitrary commands and handling user-provided credentials, which could lead to security vulnerabilities.

  • High shell risk due to 'shell=True'
  • High credential risk due to user input for credentials

Per-check LLM notes

  • Network: The network calls are likely intended to retrieve metadata from AWS EC2 instances, which is common and not inherently suspicious.
  • Shell: Executing arbitrary commands with 'shell=True' can introduce significant security risks, suggesting potential for abuse or unintended consequences.
  • Obfuscation: No obfuscation patterns detected in the provided code snippet.
  • Credentials: The code appears to be designed to accept user input for credentials, potentially from a .aws/credentials file, which could indicate a risk of credential exposure or misuse.
  • Metadata: The presence of non-HTTPS links is concerning, but there are no clear signs of typosquatting or other malicious intent.

📦 Package Quality — Overall: Low (3.0/10)

○ Test Suite: Low (1.0)

No test suite detected

  • No test files or test-runner configuration detected

◈ Documentation: Medium (5.0)

Some documentation present

  • Detailed PyPI description (22685 chars)

○ Contributing Guide: Low (2.0)

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found

○ Type Annotations: Low (1.0)

No type annotations detected

  • No type annotations, py.typed marker, or stub files detected

◈ Multiple Contributors: Medium (6.0)

Limited contributor diversity

  • 2 unique contributor(s) across 100 commits in frommelmak/aws-scripts
  • Two distinct contributors found

🔬 Heuristic Checks

Outbound Network Calls (score 7.5)

Found 5 network call pattern(s)

  • ): try: response = urllib.request.urlopen('http://169.254.169.254/latest/meta-data/instance-id
  • python3.x response = urllib.request.urlopen('http://169.254.169.254/latest/meta-data/public-host
  • except: response = urllib.request.urlopen('http://169.254.169.254/latest/meta-data/local-ipv4'
  • python 3.x response = urllib.request.urlopen('http://169.254.169.254/latest/meta-data/hostname')
  • python 3.x response = urllib.request.urlopen('http://169.254.169.254/latest/meta-data/local-ipv4'

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution (score 8.0)

Found 4 shell execution pattern(s)

  • p_cmd) mongodump_output = subprocess.check_output(mongodump_cmd, shell=True) print(mongodump_output) def
  • out) tarball_output = subprocess.check_output(tarball_cmd, shell=True) print(tarball_output)
  • s.check_output(mongodump_cmd, shell=True) print(mongodump_output) def main(): parser = argp
  • ess.check_output(tarball_cmd, shell=True) print(tarball_output) # remove dumped fil

Credential Harvesting (score 7.5)

Found 3 credential access pattern(s)

  • the one defined in the .aws/credentials file") parser.add_argument('-u', '--user',
  • the one defined in the .aws/credentials file") parser.add_argument('-s','--show',
  • the one defined in the .aws/credentials file") arg = parser.parse_args() if arg.user and

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com

Suspicious Page Links (score 6.0)

Found 3 suspicious link(s) on the package page

  • Non-HTTPS external link: http://aws.amazon.com/sdkforpython/
  • Non-HTTPS external link: http://calendar.google.com/
  • Non-HTTPS external link: http://docs.aws.amazon.com/autoscaling/latest/userguide/lifecycle-hooks.html

Git Repository History

Repository frommelmak/aws-scripts appears legitimate

Maintainer History (score 2.0)

1 maintainer concern(s) found

  • Author "Marcos Martinez" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in the OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aws-scripts
Create a fully-functional mini-application called 'AWS Backup Manager' that leverages the 'aws-scripts' package to manage Amazon S3 backups efficiently. This application will serve as a command-line tool that allows users to easily create, delete, and list backups stored in an S3 bucket. The application should include the following features:

1. **Backup Creation**: Users should be able to specify the directory they wish to back up and the target S3 bucket where the backup should be stored. The script should compress the specified directory into a tarball and upload it to the designated S3 bucket.
2. **Backup Deletion**: Provide functionality to delete a specific backup from the S3 bucket based on user input. This could be by specifying the name of the backup file or a unique identifier.
3. **List Backups**: Allow users to view all existing backups stored within the S3 bucket. The output should display each backup's filename, size, and date of creation.
4. **Versioning Support**: Implement support for versioning within the S3 bucket. This means that when a backup is deleted, it's not permanently removed but instead marked as deleted, allowing for recovery if necessary.
5. **Security Enhancements**: Ensure that all data transferred between the local machine and the S3 bucket is encrypted using SSL/TLS. Additionally, implement IAM roles and policies to ensure only authorized actions can be performed on the S3 bucket.
6. **Logging and Monitoring**: Integrate logging capabilities to track all operations performed by the application. Logs should be stored locally or sent to a centralized logging service such as AWS CloudWatch.
7. **Configuration Management**: Allow users to configure the application settings via a configuration file. Settings should include default S3 bucket names, encryption keys, and logging destinations.
8. **User Interface**: Develop a simple yet intuitive command-line interface that guides users through the backup management process. Commands should be clearly labeled and easy to understand.

To utilize the 'aws-scripts' package, you'll need to import relevant modules and functions provided by the package to handle AWS interactions. These might include functions for uploading files to S3, listing objects in a bucket, deleting objects, and managing permissions. Ensure that the application is robust, secure, and efficient, providing valuable tools for managing backups in an AWS environment.
