ghost-reader

v0.1.0 suspicious
6.0
Medium Risk

Persona-driven fiction review simulator CLI

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows signs of potential misuse with moderate risks related to network and credential handling. While not conclusive, the combination of factors raises concerns about its legitimacy.

  • Moderate network risk
  • Potential credential handling
Per-check LLM notes
  • Network: The observed network calls could be legitimate API interactions, but without understanding the purpose and destination of these requests, there is a medium risk of unexpected data transmission.
  • Shell: No shell execution patterns were detected.
  • Obfuscation: No obfuscation patterns were detected.
  • Credentials: The presence of token retrieval suggests potential credential handling, requiring further review to confirm legitimacy.
  • Metadata: The package is suspicious due to its recent upload, single version history, and lack of maintainer information.

🔬 Heuristic Checks

Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • earer {token}" request = urllib.request.Request( RELEASES_API, headers=headers,
  • , ) try: with urllib.request.urlopen(request, timeout=8) as response: payload
  • try: req = urllib.request.Request( endpoint, data=payl
  • ) resp = urllib.request.urlopen(req, timeout=30) if 200 <= resp.status <
  • e API try: resp = urllib.request.urlopen("http://127.0.0.1:19876/api/state", timeout=5)
  • rowser.", ) request = urllib.request.Request( "http://127.0.0.1:19877/api/feedback",
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting score 2.5

Found 1 credential access pattern(s)

  • os.environ.get("GH_TOKEN") or os.environ.get("GITHUB_TOKEN") headers = { "Accept": "application/vnd.github
Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: kevindchin.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History score 3.0

GitHub API error: 403

  • GitHub API error: 403
Maintainer History score 8.0

4 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Package uploaded less than 24 hours ago (2026-06-05T06:39:19.000Z)
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)