Package Metadata

Author: —
Email: Suede AI <[email protected]>
PyPI: suede-ai
Python: >=3.10
Versions: 1 release
First release: 05 Jun 2026, 04:55 UTC
Analysed: 05 Jun 2026, 05:15 UTC
Source files: 5 .py files scanned

Project Links

Homepage Issues Repository x402 manifest

Classifiers

Development Status :: 3 - AlphaIntended Audience :: DevelopersLicense :: OSI Approved :: MIT LicenseProgramming Language :: Python :: 3Programming Language :: Python :: 3.10Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.13Topic :: Software Development :: Libraries :: Python Modules

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits moderate risks due to potential obfuscation and metadata issues. Further investigation is needed to confirm its safety.

Obfuscation risk detected
Lack of maintainer details

Per-check LLM notes

Network: The package makes network calls to a specific URL, which is expected for services requiring API access but warrants further investigation into the purpose and security of these calls.
Shell: No shell execution patterns were detected.
Obfuscation: The observed patterns suggest an attempt at obfuscation, possibly to hide the content of the header from casual inspection, but without more context, it's hard to determine if this is malicious.
Credentials: No clear signs of credential harvesting are present based on the provided code snippets.
Metadata: The package is new, lacks maintainer details, and the author seems to be inactive or new.

🔬 Heuristic Checks

⚠ Outbound Network Calls score 3.0

Found 2 network call pattern(s)

self._http = http_client or httpx.Client( base_url=self._base_url, timeout=ti
Transport(handler) http = httpx.Client(transport=transport, base_url="https://app.suedeai.ai")

⚠ Code Obfuscation score 4.0

Found 2 obfuscation pattern(s)

oad. decoded = json.loads(base64.b64decode(header)) assert decoded == payload # x402 envelope
decoded = json.loads(base64.b64decode(header)) assert decoded["scheme"] == "exact"

✓ Shell / Subprocess Execution

No shell execution patterns detected

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: suedeai.ai>

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository Suede-AI/suede-sdk-python appears legitimate

⚠ Maintainer History score 8.0

4 maintainer concern(s) found

Only one version has ever been released — brand new package
Package uploaded less than 24 hours ago (2026-06-05T04:55:01.000Z)
Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)