azure-genome

v0.1.4 suspicious
6.0
Medium Risk

A Python package for Azure Genome.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows signs of potential obfuscation and has the capability to execute shell commands, which raises concerns about its legitimacy and intended use.

  • High obfuscation risk due to use of eval and compile functions
  • Potential shell risk from subprocess.Popen usage
Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package requires external API access.
  • Shell: The use of subprocess.Popen indicates potential shell execution, which could be legitimate but also suggests caution as it might be used for malicious purposes like command execution.
  • Obfuscation: The code uses eval and compile functions which can be indicative of obfuscation or hiding code logic, raising suspicion.
  • Credentials: No clear patterns indicating credential harvesting were found.
  • Metadata: The author's information is sparse and the account seems new or inactive, raising some concerns but not conclusive evidence of malicious intent.

📦 Package Quality Overall: Low (4.4/10)

✦ High Test Suite 9.0

Test suite present — 1 test file(s) found

  • Test runner config found: pyproject.toml
  • 1 test file(s) detected (e.g. test_cases.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (6253 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 158 type-annotated function signatures detected in source
○ Low Multiple Contributors 1.0

Unable to verify contributor count: no GitHub repository found

  • No GitHub repository linked — contributor count unavailable

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation score 10.0

Found 5 obfuscation pattern(s)

  • n_expr(self): flags = eval(self.flags, G_FLAGS) fields_expr = [c_field.as_field
  • join(lines) # compile(pysource, "cffi_init", "exec") # self._embedding = pysource def def
  • 2.6 compatibility code = compile(src, filename, 'exec') exec(code, glob, glob) def add_cffi_module(dist, mo
  • or Python 3) instead of # __import__() to load the build script. The problem with # a normal
  • ry: pkg = __import__(self.ext_package, None, None, ['__doc__']) except ImportError: ret
Shell / Subprocess Execution score 2.0

Found 1 shell execution pattern(s)

  • ibname) try: pc = subprocess.Popen(a, stdout=subprocess.PIPE, stderr=subprocess.PIPE) excep
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with azure-genome 
Create a web-based application using Python and the 'azure-genome' package that allows users to upload genomic data files (such as VCF or BAM files) and perform basic analysis on the cloud. The application should have the following features:

1. User Authentication: Implement user authentication using Flask-Login for secure access.
2. File Upload: Allow users to upload their genomic data files securely via the web interface.
3. Data Processing: Use 'azure-genome' to process uploaded genomic data on Azure's cloud infrastructure. This includes tasks such as variant calling, alignment, and annotation.
4. Visualization: Provide visual representations of the processed data through graphs and charts using libraries like Plotly or Matplotlib.
5. Report Generation: Automatically generate reports summarizing the findings from the analysis, which can be downloaded by the user.
6. Documentation: Include comprehensive documentation on how to use the application and integrate it with other tools or services.

The 'azure-genome' package will be utilized to leverage Azure's powerful cloud computing capabilities for handling large genomic datasets efficiently. Users should be able to see real-time progress updates during data processing and receive notifications once the analysis is complete.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!