deepcloak

v0.1.0 suspicious
6.0
Medium Risk

Local-first deep research agent that reads the whole web — even pages behind Cloudflare, Datadome, Turnstile & reCAPTCHA.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits a moderately high risk due to its recent and rapid development cycle, which raises suspicion about potential malicious intent despite no clear evidence of direct harm or obfuscation.

  • High metadata risk due to recent and rapid commits
  • Potential shell risk from subprocess execution
Per-check LLM notes
  • Network: The use of requests for network calls is common and not inherently suspicious unless the destination URLs are known to be malicious.
  • Shell: Subprocess execution to install dependencies like playwright might be legitimate but requires caution as it can potentially execute arbitrary commands.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious activity.
  • Credentials: No credential harvesting patterns detected, indicating low risk of secret theft.
  • Metadata: Highly suspicious due to recent repository creation and rapid commit history, indicating potential malicious intent.

🔬 Heuristic Checks

Outbound Network Calls score 3.0

Found 2 network call pattern(s)

  • import requests r = requests.get( f"{base_url.rstrip('/')}/search", params={"
  • stalled") from exc return requests.get(url, timeout=timeout, headers={"User-Agent": _UA}) def ste
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 2.0

Found 1 shell execution pattern(s)

  • l() -> bool: try: subprocess.run( [sys.executable, "-m", "playwright", "install",
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: baeksang.dev>

Suspicious Page Links

All external links appear legitimate

Git Repository History score 5.0

Git history flags: Repository created very recently: 1 day(s) ago (2026-06-04T13:50:36Z)

  • Repository created very recently: 1 day(s) ago (2026-06-04T13:50:36Z)
  • All 34 commits happened within 24 hours
Maintainer History score 10.0

5 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Package uploaded less than 24 hours ago (2026-06-05T02:05:20.000Z)
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)