AI Analysis
Final verdict: SUSPICIOUS
The package shows potential credential misuse risks due to accessing environment variables without clear documentation. Additionally, the lack of a GitHub repository raises questions about its origin and legitimacy.
- credential risk due to access of environment variables
- lack of a GitHub repository
Per-check LLM notes
- Network: No network calls detected.
- Shell: Detected shell executions are likely for testing purposes.
- Obfuscation: No obfuscation patterns detected in the provided code snippet.
- Credentials: The code is accessing environment variables which may indicate legitimate usage but poses a risk if not properly secured or used inappropriately.
- Metadata: The package is new and lacks a GitHub repository, raising concerns about its legitimacy and purpose.
Heuristic Checks
Outbound Network Calls
No suspicious network call patterns found
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
score 4.0
Found 2 shell execution pattern(s)
un pytest proc = subprocess.run( [sys.executable, "-m", "pytest", "-q", "--try: proc = subprocess.run( ["npm", "test", "--", "--watchAll=false"],
Credential Harvesting
score 2.5
Found 1 credential access pattern(s)
solve() self.token = os.getenv("GITHUB_TOKEN") self.repo_name = os.getenv("GITHUB_REPO")
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: gutshape.com
Suspicious Page Links
All external links appear legitimate
Git Repository History
No GitHub repository linked
No GitHub repository link found
Maintainer History
score 6.0
3 maintainer concern(s) found
Only one version has ever been released — brand new packagePackage uploaded less than 24 hours ago (2026-06-05T05:23:17.000Z)Author "GutShape" appears to have only 1 package on PyPI (new or inactive account)