AI Analysis
Final verdict: SUSPICIOUS
The package exhibits several behaviors that raise concerns about its legitimacy and security, particularly regarding shell execution, obfuscation, and credential handling.
- Shell risk due to uncontrolled URL opening
- Obfuscation techniques used, possibly for malicious intent
- Potential insecure handling of AWS credentials
Per-check LLM notes
- Network: The network calls appear to be related to AWS services and might include legitimate callbacks or state management, but the use of 'http://127.0.0.1' suggests internal communication which may not be typical for a public package.
- Shell: The shell execution patterns seem to open URLs using OS-specific commands, which could be benign if intended for user interaction but raises concern if not properly documented or controlled.
- Obfuscation: The presence of base64 decoding and import manipulation suggests potential obfuscation, but it could also be legitimate for various purposes like data encryption or package extension.
- Credentials: The code retrieves AWS environment variables which could indicate legitimate usage for AWS service interactions, but also poses a risk if not properly secured, potentially leading to unauthorized access.
- Metadata: The maintainer has only one package on PyPI, which might indicate a new or less active account, but no other red flags are present.
Package Quality Overall: Medium (6.6/10)
✦ High
Test Suite
9.0
Test suite present — 25 test file(s) found
Test runner config found: conftest.pyTest runner config found: pyproject.toml25 test file(s) detected (e.g. conftest.py)
◈ Medium
Documentation
7.0
Some documentation present
Documentation URL: "docs" -> https://awslabs.github.io/mcp/servers/aws-transform-mcp-servDetailed PyPI description (21604 chars)
○ Low
Contributing Guide
2.0
No contributing guide or governance files found
No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium
Type Annotations
5.0
Partial type annotation coverage
165 type-annotated function signatures detected in source
✦ High
Multiple Contributors
10.0
Active multi-contributor project
42 unique contributor(s) across 100 commits in awslabs/mcpActive community — 5 or more distinct contributors
Heuristic Checks
Outbound Network Calls
score 7.5
Found 5 network call pattern(s)
de&state={state}' urllib.request.urlopen(callback_url, timeout=5) with (try: urllib.request.urlopen( f'http://127.0.0.1:{port}/oauthregion, ) async with httpx.AsyncClient() as client: response = await request_with_retry(te_write_path async with httpx.AsyncClient() as client: response = await client.get(s3_url, folestHeaders')) async with httpx.AsyncClient() as client: s3_response = await client.put(
Code Obfuscation
score 8.0
Found 4 obfuscation pattern(s)
content_bytes = base64.b64decode(content) else: content_bytes = camespace packages. __path__ = __import__('pkgutil').extend_path(__path__, __name__) # Copyright Amazon.com, Inock_config.token_expiry = int(__import__('time').time()) + 3600 mock_config.origin = 'https://test.telse __builtins__.__import__(name, *args, **kwargs) # noqa: A003 ), ): # This
Shell / Subprocess Execution
score 4.0
Found 2 shell execution pattern(s)
stem == 'Darwin': subprocess.Popen(['open', url], **popen_kwargs) elif system == 'WindoAPI else: subprocess.Popen(['xdg-open', url], **popen_kwargs) except Exception:
Credential Harvesting
score 10.0
Found 6 credential access pattern(s)
if set.""" profile = (os.environ.get('AWS_PROFILE') or '').strip() or None return boto3.Sessioreturn ( os.environ.get('AWS_REGION') or (session.region_name if session elset URL. """ override = os.environ.get('AWS_TRANSFORM_API_ENDPOINT') if override: return ovet URL. """ override = os.environ.get('AWS_TRANSFORM_TCP_ENDPOINT') if override: return oveE={}, AWS_REGION={}', os.environ.get('AWS_PROFILE'), os.environ.get('AWS_REGION'), ) sn.get('AWS_PROFILE'), os.environ.get('AWS_REGION'), ) session = AwsHelper.create_session()
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: users.noreply.github.com>
Suspicious Page Links
score 2.0
Found 1 suspicious link(s) on the package page
Non-HTTPS external link: http://`
Git Repository History
Repository awslabs/mcp appears legitimate
Maintainer History
score 2.0
1 maintainer concern(s) found
Author "Amazon Web Services" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with awslabs.aws-transform-mcp-server
Develop a comprehensive mini-application that leverages the 'awslabs.aws-transform-mcp-server' package to facilitate end-to-end management of AWS Transform workspaces, jobs, connectors, HITL tasks, artifacts, and chat functionalities. Your application should allow users to perform the following actions: 1. Create, update, and delete transformation workspaces. 2. Initiate, monitor, and terminate transformation jobs. 3. Manage connectors for data ingestion and export. 4. Handle Human-in-the-Loop (HITL) tasks for fine-tuning models. 5. Store and retrieve artifacts related to transformations. 6. Engage in real-time chat sessions within the workspace context. The application should also include a user-friendly interface for easy navigation and interaction. Additionally, implement logging and error handling mechanisms to ensure robustness and reliability. Use the 'awslabs.aws-transform-mcp-server' package to handle the backend operations, while developing a simple yet effective frontend using technologies like Flask or Django for web-based access. Ensure your application demonstrates the integration of MCP server functionalities in a practical and efficient manner.
💬 Discussion Feed
No discussion yet. Be the first to share your thoughts!
Report Abuse / Security Issue