babon

v1.1.0 suspicious
8.0
High Risk

Babon kinematics-as-a-service client. Video in, movement data out.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits significant credential and metadata risks, alongside potential shell execution. These factors combined with apparent typosquatting raise concerns about its legitimacy and security.

  • High credential risk due to plain text storage of API keys
  • Signs of typosquatting targeting 'babel'
  • Potential for unsafe shell command execution

Per-check LLM notes
  • Network: The network patterns suggest the package may be making external calls, which could be legitimate depending on its functionality.
  • Shell: The shell execution pattern indicates potential system command execution, which is high risk if not properly documented and controlled within the package's intended use.
  • Obfuscation: No obfuscation patterns detected in the provided code snippet.
  • Credentials: The code prompts for an API key and stores it in plain text, which could be a risk if not handled securely.
  • Metadata: The package shows signs of potential typosquatting and lacks maintainer information, raising concerns.
  • Typosquatting target: babel

📦 Package Quality Overall: Low (4.8/10)

✦ High Test Suite 9.0

Test suite present — 13 test file(s) found

  • 13 test file(s) detected (e.g. test_analyses.py)

◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://api.babon.eu/api/v1/docs
  • Detailed PyPI description (3972 chars)

○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found

◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 119 type-annotated function signatures detected in source

○ Low Multiple Contributors 1.0

Unable to verify contributor count: no GitHub repository found

  • No GitHub repository linked — contributor count unavailable

🔬 Heuristic Checks

Outbound Network Calls score 7.5

Found 5 network call pattern(s)

  • ies)) self._session = requests.Session() # Injected for tests so they don't actually sleep.
  • rb") as f: put_resp = requests.put( presigned_url, data=f,
  • ries)) self._client = httpx.AsyncClient(timeout=timeout_s) self._sleep = sleep async de
  • t", max_retries=0) mock = httpx.AsyncClient(transport=httpx.MockTransport(handler)) client._transpor
  • client._transport._client = httpx.AsyncClient( transport=httpx.MockTransport(handler)

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 2.0

Found 1 shell execution pattern(s)

  • n None try: out = subprocess.run( [ "ffprobe", "-v", "error", "-s

Credential Harvesting score 2.5

Found 1 credential access pattern(s)

  • prompt_key = (args.key or getpass.getpass("Paste your Babon API key (bk_...): ")).strip() if not p

Typosquatting score 3.0

Possible typosquat of: babel

  • "babon" is 2 edit(s) from "babel"

Registered Email Domain

Email domain looks legitimate: babon.eu

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with babon
Create a real-time human motion analysis tool using the 'babon' package. This application will take video input from a webcam and output detailed movement data of a person's joints. Here's a step-by-step guide on how to develop this application:

1. **Setup Environment**: Ensure you have Python installed and create a virtual environment. Install necessary packages including 'babon', OpenCV for video capture, and any other dependencies.
2. **Video Capture Initialization**: Use OpenCV to initialize the webcam and start capturing frames.
3. **Integrate Babon**: Utilize 'babon' to process each frame from the webcam. Babon will analyze the video feed and extract joint positions and movements.
4. **Data Visualization**: Display the detected joints on the video stream in real-time. Consider adding animations or overlays to make the movements more understandable.
5. **Movement Data Output**: Save the extracted movement data to a file or database for later analysis. Implement functionality to filter and categorize different types of movements.
6. **User Interface**: Develop a simple GUI using libraries like Tkinter or PyQt. The UI should allow users to start/stop the analysis, view recorded movements, and export data.
7. **Testing & Validation**: Test the application with various movements to ensure accuracy. Validate the results against known movement patterns if possible.
8. **Documentation & Deployment**: Write documentation detailing setup, usage, and customization options. Prepare the app for deployment on platforms like PyPI or GitHub.

Suggested Features:
- Real-time feedback on screen with overlay of joint positions.
- Option to record sessions for later review.
- Basic analytics such as speed, distance, and frequency of movements.
- Adjustable sensitivity settings to fine-tune detection.
- Export data in CSV or JSON format for further analysis.
