AI Analysis
Final verdict: SUSPICIOUS
The package has a low risk profile in terms of network, shell, obfuscation, and credential risks. However, the metadata risk score is high due to recent creation, a single contributor, and sparse activity, which raises suspicion.
- High metadata risk score
- Recently created with sparse activity
Per-check LLM notes
- Network: No network calls detected, which is normal unless the package requires external services.
- Shell: No shell execution patterns detected, indicating no direct system command execution risk.
- Obfuscation: No obfuscation patterns detected, indicating low risk.
- Credentials: No credential harvesting patterns detected, indicating low risk.
- Metadata: High risk due to recent creation, single contributor, and sparse activity.
Heuristic Checks
Outbound Network Calls
No suspicious network call patterns found
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
No shell execution patterns detected
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: thalam.ai>
Suspicious Page Links
All external links appear legitimate
Git Repository History
score 10.0
Git history flags: Repository created very recently: 0 day(s) ago (2026-06-05T03:58:48Z)
Repository created very recently: 0 day(s) ago (2026-06-05T03:58:48Z)Repository appears empty (size = 0)Very few commits: 1 totalSingle contributor with only 1 commit(s) — possibly throwaway account
Maintainer History
score 8.0
4 maintainer concern(s) found
Only one version has ever been released — brand new packagePackage uploaded less than 24 hours ago (2026-06-05T03:54:20.000Z)Author name is missing or very shortAuthor "" appears to have only 1 package on PyPI (new or inactive account)