axiom-sc

v0.2.6 suspicious
6.0
Medium Risk

AXIOM-SC: mechanistic cell type annotation via knowledge graph constraints

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits moderate risks due to potential network and shell execution vulnerabilities, as well as signs of obfuscation. While no direct evidence of malicious intent was found, the incomplete metadata raises concerns about its legitimacy.

  • network calls with potential for unauthorized access
  • shell executions without proper sanitization
  • signs of code obfuscation
Per-check LLM notes
  • Network: Network calls suggest legitimate package updates or data retrieval but could be exploited for unauthorized access.
  • Shell: Shell executions may be part of the package's functionality but pose a risk if not properly sanitized or controlled.
  • Obfuscation: The code shows signs of obfuscation through unusual formatting and potential use of private methods which could indicate an attempt to hide functionality.
  • Credentials: No patterns indicative of credential harvesting were detected.
  • Metadata: The author information is incomplete and the maintainer has a single package, which could indicate a less established or potentially suspicious account.

📦 Package Quality Overall: Low (4.4/10)

✦ High Test Suite 9.0

Test suite present — 12 test file(s) found

  • Test runner config found: conftest.py
  • Test runner config found: pyproject.toml
  • 12 test file(s) detected (e.g. conftest.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (12749 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 247 type-annotated function signatures detected in source
○ Low Multiple Contributors 1.0

Unable to verify contributor count: no GitHub repository found

  • No GitHub repository linked — contributor count unavailable

🔬 Heuristic Checks

Outbound Network Calls score 7.5

Found 5 network call pattern(s)

  • .name} ...") try: urllib.request.urlretrieve(url, dest) size_mb = dest.stat().st_size
  • try: resp = requests.get(self.url, timeout=self.timeout, stream=True) res
  • s[url_key] resp = requests.get(url, stream=True, timeout=300) resp.raise_for_st
  • ser}], } with httpx.Client(timeout=60.0) as client: resp = client.post(
  • ], } with httpx.Client(timeout=60.0) as client: resp = client.post(
Code Obfuscation score 10.0

Found 6 obfuscation pattern(s)

  • return self._net(x) def eval(self): self._net.eval() return self def
  • eval(self): self._net.eval() return self def load_state_dict(self, state_d
  • tate_dict(sd) net.eval() self._models.append(net) self._loaded
  • # Validate net.eval() all_preds, all_true = [], [] with torch.no
  • ad_state_dict(sd) net.eval() models.append(net) # Ensemble predict all
  • atches) ───────── net.eval() val_loader, val_census = build_streaming_datapipe(
Shell / Subprocess Execution score 10.0

Found 5 shell execution pattern(s)

  • return result = subprocess.run( [sys.executable, str(script)], check=False,
  • fy CLI works result = subprocess.run( [conda, "run", "-n", self.conda_env, "pyscenic"
  • urn "python" result = subprocess.run( [conda, "run", "-n", self.conda_env, "python",
  • n, ] result = subprocess.run(cmd, capture_output=True, text=True) if result.retur
  • on-zero exit.""" result = subprocess.run(cmd, capture_output=True, text=True, env=env) if result.
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: receptor.bio>

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with axiom-sc 
Create a mini-application named 'CellTypeAnnotator' using the Python package 'axiom-sc'. This application will serve as a tool for researchers and biologists to annotate cell types based on their gene expression data. The application should allow users to upload their gene expression datasets and apply the mechanistic cell type annotation process provided by 'axiom-sc'. The output should include annotated cell types along with confidence scores for each annotation.

### Key Features:
1. **User Interface**: Develop a simple yet intuitive web-based user interface using Flask or Django, allowing users to upload their gene expression datasets.
2. **Data Processing**: Implement functionality to preprocess the uploaded data according to 'axiom-sc' requirements, ensuring it is ready for analysis.
3. **Annotation Process**: Utilize 'axiom-sc' to perform the mechanistic cell type annotation on the processed data. Ensure the application leverages the package's ability to apply knowledge graph constraints for more accurate annotations.
4. **Visualization**: Provide visual representations of the annotated cell types using libraries like Plotly or Bokeh, allowing users to explore the results interactively.
5. **Confidence Scores**: Display confidence scores for each annotated cell type, helping users understand the reliability of the annotations.
6. **Documentation and Help**: Include comprehensive documentation and help sections within the application, guiding users through the process from uploading data to interpreting results.

### How 'axiom-sc' is Utilized:
- **Mechanistic Cell Type Annotation**: Use 'axiom-sc' to perform the core annotation process, which involves applying knowledge graph constraints to gene expression data to infer cell types.
- **Knowledge Graph Constraints**: Leverage 'axiom-sc's capability to utilize knowledge graph constraints for enhancing the accuracy and specificity of cell type annotations.
- **Integration with Data Processing**: Ensure seamless integration between the data preprocessing steps and the 'axiom-sc' annotation process, maintaining the integrity and quality of the input data.

This project aims to provide a powerful yet accessible tool for researchers working with gene expression data, facilitating the identification and understanding of different cell types.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!