Package Metadata

Author: Python Security Architect
Email: senyangcai <[email protected]>
PyPI: secure-sandbox
Python: >=3.8
Versions: 1 release
First release: 05 Jun 2026, 07:33 UTC
Analysed: 05 Jun 2026, 08:02 UTC
Source files: 16 .py files scanned

Project Links

Documentation Homepage Issues Repository

Classifiers

Development Status :: 4 - BetaIntended Audience :: DevelopersLicense :: OSI Approved :: MIT LicenseOperating System :: OS IndependentProgramming Language :: Python :: 3Programming Language :: Python :: 3.10Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.8Programming Language :: Python :: 3.9

🤖 AI Analysis

Final verdict: MALICIOUS

The package 'secure-sandbox' exhibits multiple red flags including high risks associated with shell execution, obfuscation techniques, credential harvesting, and suspicious metadata. These indicators strongly suggest a potential supply-chain attack.

High shell risk due to shell execution
Use of 'eval' and 'exec' indicating obfuscation
Access to '/etc/passwd' for credential harvesting
Suspicious metadata with no repository content and single author

Per-check LLM notes

Network: No network calls were detected, which is normal unless specific network functionality is expected.
Shell: The presence of shell execution attempts suggests potential security risks, especially in a package named 'secure-sandbox', indicating possible unauthorized system access or privilege escalation.
Obfuscation: The presence of 'eval' and 'exec' suggests an attempt to bypass security checks, likely for malicious purposes.
Credentials: Accessing '/etc/passwd' and mentioning private attribute attacks indicates potential attempts to harvest sensitive information.
Metadata: The package is highly suspicious due to its recent creation, lack of repository content, and single author with limited history.

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

⚠ Code Obfuscation score 10.0

Found 6 obfuscation pattern(s)

eval攻击", ASTValidationError, "eval('__import__(\"os\")')"), ("exec攻击", ASTValidationError,
""测试eval调用""" code = "eval('1 + 2')" with pytest.raises(ASTValidationE
try: code_obj = compile(tree, '<sandbox>', 'exec', dont_inherit=True) except Exception as e:
", ASTValidationError, "eval('__import__(\"os\")')"), ("exec攻击", ASTValidationError, "exec('import os')"
module = builtins.__import__(name, globals, locals, fromlist, level) return module except ImportErro
port__函数逃逸""" code = "__import__('os')" with pytest.raises(SandboxSecurityError):

⚠ Shell / Subprocess Execution score 2.0

Found 1 shell execution pattern(s)

code = """ import os os.system('whoami') """ with pytest.raises(ASTValidat

⚠ Credential Harvesting score 5.0

Found 2 credential access pattern(s)

", ASTValidationError, "open('/etc/passwd')"), ("私有属性攻击", SandboxSecurityError, "class C:\n _x=1
en调用""" code = "open('/etc/passwd')" with pytest.raises(ASTValidationError):

✓ Typosquatting

No typosquatting candidates detected

⚠ Registered Email Domain score 3.0

Suspicious email domain flags: Very short email domain: qq.com>

Very short email domain: qq.com>

✓ Suspicious Page Links

All external links appear legitimate

⚠ Git Repository History score 7.5

Git history flags: Repository created very recently: 0 day(s) ago (2026-06-05T07:25:28Z)

Repository created very recently: 0 day(s) ago (2026-06-05T07:25:28Z)
Repository appears empty (size = 0)
All 4 commits happened within 24 hours

⚠ Maintainer History score 6.0

3 maintainer concern(s) found

Only one version has ever been released — brand new package
Package uploaded less than 24 hours ago (2026-06-05T07:33:20.000Z)
Author "Python Security Architect" appears to have only 1 package on PyPI (new or inactive account)