AI Analysis
Final verdict: SAFE
The package appears to be primarily a utility for querying AWS APIs with limited risks identified. While there are some concerns regarding metadata and credential checks, these do not strongly suggest malicious intent.
- No network or shell risks detected.
- Sparse metadata and repository details increase uncertainty about the package's origin.
Per-check LLM notes
- Network: No network calls detected, which is normal for most packages.
- Shell: The shell execution patterns seem to be related to displaying help information, which is common and usually benign.
- Obfuscation: No obfuscation patterns detected in the provided code snippet.
- Credentials: The assertion of an environment variable for a test case may indicate a benign check rather than credential harvesting, but it should be reviewed within the broader context of the package.
- Metadata: The repository is not found and the maintainer information is sparse, indicating potential unreliability.
Package Quality Overall: Medium (6.6/10)
✦ High
Test Suite
9.0
Test suite present — 47 test file(s) found
Test runner config found: pyproject.tomlTest runner config found: conftest.py47 test file(s) detected (e.g. __init__.py)
◈ Medium
Documentation
7.0
Some documentation present
Documentation URL: "Documentation" -> https://awsquery.readthedocs.ioDetailed PyPI description (23046 chars)
✦ High
Contributing Guide
9.0
Has contribution guidelines and governance files
Governance file: security.pyDevelopment Status classifier >= Beta
◈ Medium
Type Annotations
7.0
Partial type annotation coverage
Type checker (mypy / pyright / pytype) referenced in project36 type-annotated function signatures detected in source
○ Low
Multiple Contributors
1.0
Could not retrieve contributor data from GitHub
GitHub API error: 404
Heuristic Checks
Outbound Network Calls
No suspicious network call patterns found
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
score 8.0
Found 4 shell execution pattern(s)
section.""" result = subprocess.run( [sys.executable, "-m", "awsquery.cli", "--help"ructions.""" result = subprocess.run( [sys.executable, "-m", "awsquery.cli", "--help"ion link.""" result = subprocess.run( [sys.executable, "-m", "awsquery.cli", "--help"l config.""" result = subprocess.run( [sys.executable, "-m", "awsquery.cli", "--help"
Credential Harvesting
score 2.5
Found 1 credential access pattern(s)
re AWS_PROFILE assert os.environ.get("AWS_PROFILE") == "test" class TestActionCompleter: @patch
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: flomotlik.me>
Suspicious Page Links
All external links appear legitimate
Git Repository History
score 3.0
Repository not found (deleted or private)
Repository not found (deleted or private)
Maintainer History
score 4.0
2 maintainer concern(s) found
Author name is missing or very shortAuthor "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with awsquery
Your task is to develop a Python-based utility named 'AWSQueryExplorer' that leverages the 'awsquery' package to provide users with an intuitive way to query AWS services and filter results based on specific criteria. This utility should support various operations such as listing EC2 instances, S3 buckets, RDS databases, and more, while allowing users to apply custom filters and automatically resolving required parameters using 'awsquery'. ### Key Features: 1. **User-Friendly CLI Interface**: Design a simple yet powerful command-line interface where users can easily interact with AWS services. 2. **Dynamic Service Selection**: Allow users to select which AWS service they want to query from a predefined list of supported services. 3. **Flexible Filtering Options**: Implement advanced filtering capabilities so users can specify conditions like instance state, bucket region, database engine, etc., to narrow down their search results. 4. **Automatic Parameter Resolution**: Utilize 'awsquery' to automatically handle the resolution of required parameters (e.g., AWS access keys, regions), enhancing user experience by reducing manual configuration. 5. **Output Customization**: Provide options for users to choose how they want their output displayed, such as JSON, CSV, or plain text formats. 6. **Error Handling & Logging**: Ensure robust error handling mechanisms are in place to manage API errors gracefully and maintain logs for troubleshooting purposes. 7. **Security Measures**: Incorporate security best practices, such as securely storing credentials and adhering to least privilege principles when accessing AWS resources. ### Implementation Steps: 1. **Setup Project Environment**: Initialize your Python project environment, install necessary dependencies including 'awsquery', and configure a virtual environment. 2. **CLI Development**: Use frameworks like Click or argparse to develop a user-friendly CLI interface. 3. **Service & Filter Configuration**: Define classes or modules for each AWS service you wish to support, detailing available filters and actions. 4. **Integration with awsquery**: Integrate 'awsquery' functionalities into your utility to streamline the process of querying AWS APIs and applying filters. 5. **Output Formatting**: Implement logic to format outputs according to user preferences. 6. **Testing & Validation**: Conduct thorough testing to ensure all features work as expected, including edge cases and error scenarios. 7. **Documentation & Deployment**: Document your codebase and deployment instructions, preparing your utility for wider distribution. This project aims to showcase the power and flexibility of 'awsquery' while providing a practical tool for AWS administrators and developers alike.
💬 Discussion Feed
No discussion yet. Be the first to share your thoughts!
Report Abuse / Security Issue