Package Metadata

Author: NGKsSystems
Email: —
PyPI: devfabeco-buildcore
Python: >=3.11
Versions: 1 release
First release: 05 Jun 2026, 05:50 UTC
Analysed: 05 Jun 2026, 06:15 UTC
Source files: 21 .py files scanned

Project Links

Classifiers

Development Status :: 5 - Production/StableIntended Audience :: DevelopersLicense :: Other/Proprietary LicenseOperating System :: Microsoft :: WindowsProgramming Language :: Python :: 3Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.13Topic :: Software Development :: Build Tools

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits a moderate risk profile due to its minimal activity and suspicious credential handling practices.

High credential risk due to attempts to access sensitive files
Low network and shell risks but high metadata risk due to package novelty

Per-check LLM notes

Network: No network calls were detected, which is low risk.
Shell: Subprocess execution is present but does not indicate malicious intent without further context; however, it warrants caution.
Obfuscation: No obfuscation patterns were detected.
Credentials: The code appears to be attempting to access sensitive files using relative paths, which is indicative of potential credential harvesting.
Metadata: The package is very new with minimal activity, raising suspicion for potential malicious intent.

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

✓ Code Obfuscation

No obfuscation patterns detected

⚠ Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

RT", cmd=cmd) proc = subprocess.run(cmd, text=True, capture_output=True, encoding="utf-8", error
--pf", str(proof_root)]) subprocess.run(command, check=False) return 2 def _default_jobs(v
) try: proc = subprocess.run( [sys.executable, "-c", "print('SPAWN_OK')"],
try: result = subprocess.run( [str(_VSWHERE), "-latest", "-property", "i
/c string. result = subprocess.run( ["cmd.exe", "/c", f'call "{vcvars}" > nul 2>&1
# before passing to subprocess.Popen (which would otherwise try to # find a file

⚠ Credential Harvesting score 5.0

Found 2 credential access pattern(s)

sets ``inputs = ["../../../../etc/passwd"]`` and makes the rejection message unambiguous ("c
on a relative path like "../../etc/passwd" yields # ('..', '..', 'etc', 'passwd') — any ".." par

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

No author email provided

✓ Suspicious Page Links

All external links appear legitimate

⚠ Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

Repository has zero stars and zero forks

⚠ Maintainer History score 6.0

3 maintainer concern(s) found

Only one version has ever been released — brand new package
Package uploaded less than 24 hours ago (2026-06-05T05:50:01.000Z)
Author "NGKsSystems" appears to have only 1 package on PyPI (new or inactive account)