axiom-cli

v0.1.0 suspicious
5.0
Medium Risk

Axiom CLI is a command-line interface for managing and distributing data model packages using OCI registry specification. It provides a docker-like experience for users to interact with data model packages, allowing them to push, pull, and manage their data models in a standardized way.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows some concerning signs due to its minimal activity and poor metadata quality, despite having low risks in terms of network usage, shell execution, obfuscation, and credential handling.

  • Metadata risk score of 4 out of 10
  • New package with limited activity
Per-check LLM notes
  • Network: The use of requests.Session is common and generally safe, but the hardcoded 'http' prefix might indicate potential unencrypted data transfer.
  • Shell: No shell execution patterns detected.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package is new with minimal activity and poor metadata quality, raising some suspicion but not definitive indicators of malicious intent.

📦 Package Quality Overall: Low (3.6/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (910 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 45 type-annotated function signatures detected in source
◈ Medium Multiple Contributors 5.0

Limited contributor diversity

  • 1 unique contributor(s) across 26 commits in sandervd/axiom
  • Single author but highly active (26 commits)

🔬 Heuristic Checks

Outbound Network Calls score 1.5

Found 1 network call pattern(s)

  • f.session: requests.Session = requests.Session() insecure = False self.prefix: str = "http
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: ext.ec.europa.eu>

Suspicious Page Links

All external links appear legitimate

Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
Maintainer History score 6.0

3 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Author "Sander Van Dooren" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with axiom-cli 
Develop a mini-application named 'ModelMover' that leverages the 'axiom-cli' Python package to streamline the management of data model packages within an organization. ModelMover should provide a user-friendly interface for developers and data scientists to easily push, pull, and manage their data models stored in an OCI registry. The application should support the following core functionalities:

1. **Push Data Models**: Allow users to upload their data models to the specified OCI registry. Users should be able to specify the model name, version, and any additional metadata.
2. **Pull Data Models**: Provide functionality to download data models from the registry based on the model name and version. Users should be able to specify the destination path for the downloaded models.
3. **List Available Models**: Display a list of all available data models in the registry, including their versions and metadata. This will help users to quickly find and select the desired model.
4. **Search Models**: Implement a search feature that allows users to search for specific models by name or metadata tags.
5. **Delete Models**: Enable users to delete specific data models from the registry. This should include confirmation prompts to prevent accidental deletions.
6. **Version Management**: Support the creation and management of different versions of the same model, allowing users to keep track of changes and revert to previous versions if needed.
7. **Authentication and Authorization**: Integrate authentication mechanisms to ensure secure access to the data models. Users should be prompted to enter credentials when accessing sensitive models.
8. **User Interface**: Develop a simple but intuitive command-line interface (CLI) for interacting with the application. The UI should provide clear instructions and feedback to the users.
9. **Logging and Reporting**: Implement logging capabilities to record all actions performed through the application. Additionally, generate periodic reports summarizing model activity.

To achieve these functionalities, the 'axiom-cli' package will be utilized extensively. For instance, the 'push' and 'pull' commands provided by 'axiom-cli' will be integrated into ModelMover's core logic. Similarly, other commands like 'list', 'search', and 'delete' will leverage the corresponding features of 'axiom-cli'. The application should also handle exceptions gracefully and provide meaningful error messages to assist users in troubleshooting issues.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!