azure-pricing-mcp

v0.1.3 suspicious
4.0
Medium Risk

MCP server for estimating Azure service costs using the Azure Retail Prices API

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package appears generally benign but has a high metadata risk due to its rapid commit history and low engagement, raising concerns about potential malicious intent.

  • High metadata risk
  • Rapid commit history with low engagement
Per-check LLM notes
  • Network: The presence of an HTTP client suggests the package may make network calls to Azure services for fetching pricing information, which is expected.
  • Shell: No shell execution patterns detected, indicating no risk of executing system commands.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The repository's rapid commit history and low engagement suggest potential suspicious activity.

📦 Package Quality Overall: Low (3.4/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (3555 chars)
○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 11 type-annotated function signatures detected in source
○ Low Multiple Contributors 2.0

Single-author or unverifiable project

  • 1 unique contributor(s) across 11 commits in pimentelleo/azure-pricing-mcp
  • Single author with few commits — possibly a personal or throwaway project

🔬 Heuristic Checks

Outbound Network Calls score 1.5

Found 1 network call pattern(s)

  • None: self._client = httpx.AsyncClient(timeout=REQUEST_TIMEOUT) async def close(self) -> None:
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History score 5.0

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
  • All 11 commits happened within 24 hours
Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "pimentelleo" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with azure-pricing-mcp 
Your task is to develop a Python-based mini-application named 'AzureCostEstimator' that leverages the 'azure-pricing-mcp' package to estimate costs for various Azure services based on user input. This application will serve as a valuable tool for both developers and IT administrators who need to forecast costs before deploying resources on Azure.

The application should include the following functionalities:
1. User Authentication: Implement a simple authentication mechanism where users must provide their Azure credentials (subscription ID and API key) to access the pricing data. Ensure these credentials are securely handled.
2. Service Selection: Allow users to select from a list of Azure services they wish to estimate costs for, such as Virtual Machines, Storage Accounts, and SQL Databases.
3. Configuration Input: For each selected service, allow users to specify configurations, such as VM sizes, storage types, and database tiers.
4. Cost Estimation: Use the 'azure-pricing-mcp' package to fetch pricing information from the Azure Retail Prices API based on the provided configurations. Display estimated monthly costs for each selected service.
5. Reporting: Provide a summary report at the end of the session, showing total estimated costs across all selected services.
6. User Interface: Design a clean and intuitive command-line interface (CLI) for ease of use.
7. Error Handling: Implement robust error handling to manage cases where the Azure API returns errors or when user inputs are invalid.
8. Documentation: Write clear documentation explaining how to install and run the application, including setup instructions for Azure credentials.

This project aims to demonstrate the practical application of the 'azure-pricing-mcp' package in real-world scenarios, providing users with a powerful yet easy-to-use tool for cost management in Azure.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!