ayon-python-api

v1.2.20 suspicious
4.0
Medium Risk

AYON Python API

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits moderate network and shell risks due to network calls and subprocess execution, respectively. While these functionalities may serve legitimate purposes, they warrant further scrutiny to ensure proper control measures are in place.

  • moderate network risk
  • potential misuse of subprocess execution

Per-check LLM notes
  • Network: Network calls are made to URLs and include authentication, which is common but should be reviewed for legitimacy.
  • Shell: Subprocess execution is detected, which could indicate legitimate testing functionality but also poses a risk if not properly controlled.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The maintainer has only one package, which might indicate a new or less active account, raising some suspicion but not enough to conclusively label it as malicious.

📦 Package Quality Overall: Medium (6.2/10)

✦ High Test Suite 9.0

Test suite present — 5 test file(s) found

  • 5 test file(s) detected (e.g. test_entity_hub.py)

◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (2590 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta

◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 553 type-annotated function signatures detected in source

✦ High Multiple Contributors 8.0

Active multi-contributor project

  • 4 unique contributor(s) across 100 commits in ynput/ayon-python-api
  • Small but multi-author team (3–4 contributors)

🔬 Heuristic Checks

Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • None: response = requests.get( self._base_url, cert=self._
  • te_token() session = requests.Session() session.cert = self._cert session.verify =
  • oogle.com' response = requests.get( f"{url}/api/info", timeout=timeout,
  • ication/json"} response = requests.post( f"{url}/api/auth/login", headers=headers,
  • f"Bearer {token}", } requests.post( f"{url}/api/auth/logout", headers=headers,
  • der_value) response = requests.get( f"{url}/api/users/me", headers=head

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 2.0

Found 1 shell execution pattern(s)

  • s_info()["addons"] ) subprocess.run([sys.executable, "tests/resources/addon/create_package.py"])

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: ynput.io

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository ynput/ayon-python-api appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "ynput.io" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with ayon-python-api
Your task is to create a small but powerful project management tool using the 'ayon-python-api' package. This tool will help teams manage their workflows and tasks more efficiently. The application should allow users to create projects, add tasks to those projects, assign tasks to team members, and track the progress of each task. Additionally, it should provide features such as due dates for tasks, comments on tasks, and notifications for upcoming deadlines. Users should also be able to view a summary of all their ongoing projects and tasks.

Here are the core functionalities you need to implement:
1. **Project Creation**: Allow users to create new projects with a title, description, and start date.
2. **Task Management**: Enable adding tasks to projects with a title, description, due date, and priority level. Tasks can be assigned to specific team members.
3. **Assignment & Progress Tracking**: Assign tasks to different users within the system. Implement a progress tracking feature where users can update the status of their tasks from 'Not Started', 'In Progress', 'Completed', etc.
4. **Notifications & Reminders**: Send out notifications to users when a task they're assigned to is about to reach its due date or if there are any updates on the task.
5. **Comments & Discussion**: Allow team members to leave comments on tasks for discussion and collaboration.
6. **Summary View**: Provide a dashboard-like summary view where users can see an overview of all their current projects and tasks.

The 'ayon-python-api' package is designed to integrate seamlessly with your project management tool, providing a robust backend for managing workflows and tasks. Utilize its core features to handle the creation, updating, and deletion of projects and tasks, user authentication, and real-time communication between users. Your goal is to build a fully functional, user-friendly application that streamlines project and task management for teams.
