visionbot-sdk

v0.1.0 suspicious
4.0
Medium Risk

A high-performance Android automation SDK featuring low-latency frame grabbers and instant touch injection.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows two potential risks: it executes shell commands (all of them 'adb' invocations), and its metadata raises suspicion because no source repository is linked and there is almost no release activity.

  • Shell risk due to 'adb' command execution
  • Metadata risk as the package is newly created with limited activity
Per-check LLM notes
  • Network: The only network call connects to 127.0.0.1 on `self.port`, which matches the `adb forward tcp:{self.port}` call seen in the shell findings; this is the normal way to talk to a service on an attached Android device over a forwarded port. Review that no other endpoint is contacted and that the forwarded port is not left open to other local users.
  • Shell: Executing 'adb' commands suggests interaction with Android devices, which is plausible for a package named 'visionbot-sdk'. The matched fragments pass argument lists to subprocess rather than a single string with shell=True, so the host shell does not parse them. The item to review is `["shell", cmd]`: a caller-supplied string is handed to `adb shell` and therefore runs as an arbitrary command on the connected device, so `cmd` must be treated as privileged input and never built from untrusted data.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package is newly created with limited activity and no associated GitHub repository, raising suspicion.

🔬 Heuristic Checks

Outbound Network Calls score 1.5

Found 1 network call pattern(s)

  • _STREAM) self.socket.connect(("127.0.0.1", self.port)) self.socket.settim
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • lf): try: subprocess.run(["adb", "version"], stdout=subprocess.DEVNULL, stderr=subpro
  • (self) -> str: proc = subprocess.run(["adb", "devices"], stdout=subprocess.PIPE, text=True, check
  • ["shell", cmd] proc = subprocess.run(full_cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE, te
  • issues proc = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.DEVNULL)
  • , f"tcp:{self.port}"] subprocess.run(forward_cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DE
  • "--type", "usb"] subprocess.Popen(monkey_cmd, stdout=subprocess.DEVNULL, stderr=subprocess.DEV
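The network and shell checks above can be reproduced offline with an AST pass rather than the regex-style text matches the report prints. The following is an added example, not the scanner's code and not visionbot-sdk's source: it walks a Python file, classifies every subprocess call by how its argv is built (fixed literals, assembled at runtime, or `shell=True`) and flags every `.connect(...)` target by host. The `Device` class it scans is constructed to resemble the fragments quoted above; its method names and the `adb forward` argument layout are assumptions.

```python
"""AST-based check for subprocess invocations and socket connects."""
import ast
from dataclasses import dataclass
from typing import List, Optional

SUBPROCESS_CALLS = {
    "subprocess.run", "subprocess.Popen", "subprocess.call",
    "subprocess.check_call", "subprocess.check_output",
}
LOOPBACK = {"127.0.0.1", "localhost", "::1"}


@dataclass
class Finding:
    line: int
    kind: str     # "subprocess" or "connect"
    detail: str
    risk: str     # "low", "review" or "high"


def _callee(node: ast.Call) -> str:
    """Dotted name of the called function, e.g. 'self.socket.connect'."""
    parts = []
    cur = node.func
    while isinstance(cur, ast.Attribute):
        parts.append(cur.attr)
        cur = cur.value
    if isinstance(cur, ast.Name):
        parts.append(cur.id)
    return ".".join(reversed(parts))


def _keyword(node: ast.Call, name: str) -> Optional[ast.expr]:
    return next((kw.value for kw in node.keywords if kw.arg == name), None)


def _literal_argv(node: Optional[ast.expr]) -> bool:
    """True only for a list/tuple whose every element is a string constant."""
    return isinstance(node, (ast.List, ast.Tuple)) and all(
        isinstance(e, ast.Constant) and isinstance(e.value, str) for e in node.elts
    )


def scan_source(src: str) -> List[Finding]:
    """Classify subprocess calls and connect() targets in one Python source."""
    findings: List[Finding] = []
    for node in ast.walk(ast.parse(src)):
        if not isinstance(node, ast.Call):
            continue
        name = _callee(node)
        if name in SUBPROCESS_CALLS:
            shell = _keyword(node, "shell")
            if isinstance(shell, ast.Constant) and shell.value is True:
                risk, why = "high", "shell=True: host shell parses the command string"
            elif node.args and _literal_argv(node.args[0]):
                risk, why = "low", "argv is a fixed list of string literals"
            else:
                risk, why = "review", "argv assembled at runtime; trace where it comes from"
            findings.append(Finding(node.lineno, "subprocess", f"{name}: {why}", risk))
        elif name.endswith(".connect") and node.args:
            target = node.args[0]
            host = None
            if isinstance(target, ast.Tuple) and target.elts:
                first = target.elts[0]
                if isinstance(first, ast.Constant):
                    host = first.value
            if host is None:
                findings.append(Finding(node.lineno, "connect", "non-literal host", "review"))
            else:
                risk = "low" if host in LOOPBACK else "review"
                findings.append(Finding(node.lineno, "connect", f"host {host}", risk))
    return sorted(findings, key=lambda f: f.line)


# Constructed sample modelled on the fragments quoted in the report; it is not
# the package's real source. Class name, method names and the adb forward
# arguments are assumptions.
SAMPLE = '''\
import socket
import subprocess

class Device:
    def __init__(self, port):
        self.port = port
        self.socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

    def check_adb(self):
        subprocess.run(["adb", "version"], stdout=subprocess.DEVNULL)

    def shell(self, cmd):
        full_cmd = ["adb", "shell", cmd]
        return subprocess.run(full_cmd, stdout=subprocess.PIPE, text=True)

    def forward(self):
        forward_cmd = ["adb", "forward", f"tcp:{self.port}", f"tcp:{self.port}"]
        subprocess.run(forward_cmd, stdout=subprocess.DEVNULL)
        self.socket.connect(("127.0.0.1", self.port))

    def unsafe(self, cmd):
        subprocess.run(cmd, shell=True)
'''

if __name__ == "__main__":
    for f in scan_source(SAMPLE):
        print(f"line {f.line:>3} {f.risk:<6} {f.kind}: {f.detail}")
```

The three buckets map onto the report's conclusion: a fixed argv such as `["adb", "version"]` is low risk; an argv assembled at runtime, such as `["shell", cmd]` or a list holding a `tcp:{self.port}` f-string, needs a look at where the variable comes from (here it is executed on the device, not the host, but a caller can still pass anything); `shell=True` is the only case where the host shell parses the string and would be rated high. The `.connect` match is deliberately loose and will also catch non-socket objects, which is acceptable for a triage pass.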
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 6.0

3 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Package uploaded less than 24 hours ago (2026-06-05T04:57:27.000Z)
  • Author "Dhruv Jain" appears to have only 1 package on PyPI (new or inactive account)
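The metadata, repository and maintainer-history findings above can be reproduced from the public PyPI JSON API (https://pypi.org/pypi/&lt;name&gt;/json), which lists every release with its upload timestamp, the project URLs and the author email. The following is an added example, not the scanner's code: it evaluates release count, upload age, linked repository and author email over two constructed copies of that response, one built from the values this report states and one for an established package as a contrast case. The single-package-per-author check needs the author's profile, which this endpoint does not expose, so it is left out.

```python
"""Metadata heuristics over a PyPI JSON API response (pypi.org/pypi/<name>/json)."""
import json
from datetime import datetime, timedelta, timezone
from typing import Dict, List


def _parse_ts(ts: str) -> datetime:
    """PyPI's upload_time_iso_8601 ends in 'Z'; fromisoformat wants '+00:00'."""
    return datetime.fromisoformat(ts.replace("Z", "+00:00"))


def metadata_flags(meta: Dict, now: datetime) -> List[str]:
    """Return the maintainer/metadata concerns a reviewer would raise."""
    flags: List[str] = []
    info = meta.get("info") or {}
    releases = meta.get("releases") or {}

    # A single version means there is no history to judge the maintainer by.
    if len(releases) == 1:
        flags.append("Only one version has ever been released")

    # Newest upload across all release files; brand-new uploads have had no
    # time to be reviewed by anyone.
    uploads = [_parse_ts(f["upload_time_iso_8601"])
               for files in releases.values() for f in files]
    if uploads:
        newest = max(uploads)
        if now - newest < timedelta(hours=24):
            flags.append(f"Package uploaded less than 24 hours ago ({newest.isoformat()})")

    # Any GitHub URL in project_urls or home_page counts as a linked repository.
    urls = list((info.get("project_urls") or {}).values()) + [info.get("home_page") or ""]
    if not any("github.com" in (u or "") for u in urls):
        flags.append("No GitHub repository linked")

    if not info.get("author_email"):
        flags.append("No author email provided")
    return flags


# Constructed stand-in for the JSON API response, filled with the values this
# report states; it was not fetched from PyPI.
NEW_PACKAGE = json.loads('''{
  "info": {"name": "visionbot-sdk", "version": "0.1.0", "author": "Dhruv Jain",
           "author_email": "", "home_page": "", "project_urls": null},
  "releases": {"0.1.0": [{"upload_time_iso_8601": "2026-06-05T04:57:27.000000Z"}]}
}''')

# Constructed contrast case: a hypothetical package with history and a repo.
ESTABLISHED_PACKAGE = json.loads('''{
  "info": {"name": "example-sdk", "version": "1.2.0", "author": "Example Author",
           "author_email": "maintainer@example.org", "home_page": "",
           "project_urls": {"Source": "https://github.com/example/example-sdk"}},
  "releases": {
    "1.0.0": [{"upload_time_iso_8601": "2024-01-10T12:00:00.000000Z"}],
    "1.2.0": [{"upload_time_iso_8601": "2025-03-02T09:30:00.000000Z"}]}
}''')

# Fixed "now" so the age check is reproducible; in practice use datetime.now(timezone.utc).
NOW = datetime(2026, 6, 5, 20, 0, tzinfo=timezone.utc)

if __name__ == "__main__":
    for label, meta in (("new", NEW_PACKAGE), ("established", ESTABLISHED_PACKAGE)):
        print(label, metadata_flags(meta, NOW) or ["no concerns"])
```

None of these flags proves malice on its own; they are the conditions under which a reviewer should read the code rather than trust the publisher, which is exactly how the report above uses them.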