jupyterlab-acp

v0.0.1 suspicious
5.0
Medium Risk

Jupyter-native access to coding agents over the Agent Client Protocol (ACP): per-chat single-agent binding.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits some legitimate functionality but raises concerns due to incomplete metadata and potential unnecessary use of shell execution.

  • Metadata risk score of 7/10 due to incomplete maintainer history.
  • Shell risk score of 4/10 indicating potential unnecessary execution of external commands.
Per-check LLM notes
  • Network: The observed network calls are typical for fetching remote resources or updates, but unusual behavior should be monitored.
  • Shell: Executing external commands can be legitimate for package initialization, but poses higher risk and should be thoroughly reviewed for its necessity and legitimacy.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package is new and lacks maintainer history, with incomplete author information, raising suspicion.

🔬 Heuristic Checks

Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • str) -> bytes: request = urllib.request.Request(url, headers={"User-Agent": _USER_AGENT}) with u
  • gent": _USER_AGENT}) with urllib.request.urlopen(request, timeout=120) as resp: return resp.r
  • [str, Any]: request = urllib.request.Request(self._url, headers={"User-Agent": _USER_AGENT})
  • ": _USER_AGENT}) with urllib.request.urlopen(request, timeout=10) as resp: return jso
  • "application/json" req = urllib.request.Request(url, data=data, method=method, headers=headers)
  • ders) try: resp = urllib.request.urlopen(req, timeout=10) return resp.status, json.lo
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 2.0

Found 1 shell execution pattern(s)

  • is first on PATH. proc = subprocess.Popen( [ sys.executable, "-m", "jupyter_server
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: berkeley.edu>

Suspicious Page Links

All external links appear legitimate

Git Repository History score 3.0

GitHub API error: 403

  • GitHub API error: 403
Maintainer History score 8.0

4 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Package uploaded less than 24 hours ago (2026-06-05T05:34:29.000Z)
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)