Package Metadata

Author: —
Email: Witty Team <[email protected]>
PyPI: test-witty
Python: >=3.11
Versions: 1 release
First release: 05 Jun 2026, 07:40 UTC
Analysed: 05 Jun 2026, 08:01 UTC
Source files: 62 .py files scanned

Project Links

changelog documentation homepage repository

Classifiers

Development Status :: 4 - BetaIntended Audience :: DevelopersLicense :: OSI Approved :: MIT LicenseOperating System :: OS IndependentProgramming Language :: Python :: 3Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.13Topic :: Software Development :: Libraries :: Application Frameworks

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package has a moderate risk score due to potential shell execution risks and incomplete metadata. These factors suggest caution but do not conclusively indicate malicious intent.

Shell risk detected
Incomplete metadata

Per-check LLM notes

Network: No network calls detected, which is neutral.
Shell: Detection of shell execution patterns may indicate the package performs system-level tasks, but without further context, it's hard to determine if they are benign or malicious.
Obfuscation: No obfuscation patterns detected, indicating low risk.
Credentials: No credential harvesting patterns detected, indicating low risk.
Metadata: The presence of non-secure links and a newly created package with incomplete maintainer information raises suspicion.

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

✓ Code Obfuscation

No obfuscation patterns detected

⚠ Shell / Subprocess Execution score 8.0

Found 4 shell execution pattern(s)

nv.update(dict(env)) cp = subprocess.run(args, capture_output=True, text=True, env=merged_env) re
ce"] try: subprocess.run(command, check=True, capture_output=True, text=True)
try: result = subprocess.run(command, check=True, capture_output=True, text=True)
try: result = subprocess.run( [ "openclaw",

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: witty.dev>

⚠ Suspicious Page Links score 6.0

Found 3 suspicious link(s) on the package page

Non-HTTPS external link: http://127.0.0.1:8000/healthz
Non-HTTPS external link: http://127.0.0.1:8000/agents
Non-HTTPS external link: http://127.0.0.1:8000/agents/${AGENT_ID}/sessions/${SESSION_ID}/messages

⚠ Git Repository History score 3.0

GitHub API error: 403

GitHub API error: 403

⚠ Maintainer History score 8.0

4 maintainer concern(s) found

Only one version has ever been released — brand new package
Package uploaded less than 24 hours ago (2026-06-05T07:40:05.000Z)
Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)