axto

v0.1.3 suspicious
6.0
Medium Risk

Simple TUI library.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits a moderate risk due to potential typosquatting targeting 'moto', despite having low scores in other risk categories.

  • Potential typosquatting targeting 'moto'
  • Low effort and new maintainer activity suggested by metadata
Per-check LLM notes
  • Network: No network calls detected, which is normal if the package does not require internet access.
  • Shell: No shell execution patterns detected, indicating no immediate signs of executing system commands.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package shows some signs of low effort and potentially new maintainer activity, but lacks direct red flags.
  • Typosquatting target: moto

📦 Package Quality Overall: Low (3.8/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • 1 test file(s) detected (e.g. test.py)
◈ Medium Documentation 5.0

Some documentation present

  • Brief PyPI description (540 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 8 type-annotated function signatures (partial)
○ Low Multiple Contributors 1.0

Unable to verify contributor count: no GitHub repository found

  • No GitHub repository linked — contributor count unavailable

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting score 3.0

Possible typosquat of: moto

  • "axto" is 2 edit(s) from "moto"
Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 4.0

2 maintainer concern(s) found

  • Author "Rioxpi" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with axto 
Create a terminal-based task management tool using the 'axto' Python package. This tool will allow users to manage their daily tasks efficiently through a simple and intuitive Text User Interface (TUI). The application should support basic functionalities such as adding new tasks, marking tasks as completed, deleting tasks, and listing all tasks. Additionally, implement advanced features like filtering tasks based on completion status and searching for specific tasks by keywords. Utilize 'axto' to create an appealing and user-friendly interface that enhances the overall experience of managing tasks directly from the command line.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!