cryptoshield

v0.2.2 suspicious
5.0
Medium Risk

All-in-one crypto security toolkit — honeypot, approvals, rugpull, phishing

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package has some legitimate purposes but raises concerns due to its recent upload and limited maintainer information, along with network calls that need further investigation.

  • Recent upload and limited maintainer information
  • Network calls to external services require further investigation
Per-check LLM notes
  • Network: The package makes network calls to a token registry and Solana RPC, which may be legitimate if the package is related to cryptocurrency operations. However, this requires further investigation into the package's purpose.
  • Shell: No shell execution patterns were detected.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious activity.
  • Credentials: No credential harvesting patterns detected, suggesting safe handling of secrets.
  • Metadata: The package was uploaded recently and the maintainer has limited information, raising concerns about potential malicious intent.

🔬 Heuristic Checks

Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • cached try: r = requests.get(TOKEN_REGISTRY_URL, timeout=30) r.raise_for_status()
  • sed"}], } r = requests.post(SOLANA_RPC, json=payload, timeout=15) data = r.json(
  • [mint], } r = requests.post(SOLANA_RPC, json=payload, timeout=15) data = r.json(
  • allet], } r = requests.post(SOLANA_RPC, json=payload, timeout=15) data = r.json(
  • ], } r = requests.post(SOLANA_RPC, json=payload, timeout=15) data = r.json(
  • -> dict: try: r = requests.get(url, params=params, timeout=timeout) r.raise_for_sta
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History score 3.0

GitHub API error: 403

  • GitHub API error: 403
Maintainer History score 6.0

3 maintainer concern(s) found

  • Package uploaded less than 24 hours ago (2026-06-05T05:35:43.000Z)
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)