agenix-manager

v0.1.0 suspicious
5.0
Medium Risk

NixOS module + TUI CLI for declarative agenix secret management

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows moderate risk due to its newness, lack of metadata, and potential use of shell commands which could introduce vulnerabilities.

  • Metadata risk is high due to missing author information and lack of a GitHub repository.
  • Shell risk is notable, indicating potential for command injection or other shell-related vulnerabilities.

Per-check LLM notes
  • Network: No network calls detected.
  • Shell: Shell executions are likely related to package functionality involving Nix evaluation commands.
  • Obfuscation: The detected pattern appears to be related to command line option formatting and does not necessarily indicate malicious obfuscation.
  • Credentials: No patterns indicative of credential harvesting were found.
  • Metadata: The package is new, lacks an author name, and has no associated GitHub repository, raising suspicion.

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation score 2.0

Found 1 obfuscation pattern(s)

  • help="Flake reference for nix eval (default: .)", show_default=True, ) @click.option( "-

Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • ig" try: result = subprocess.run( ["nix", "eval", attr, "--json", "--impure"],
  • try: result = subprocess.run(cmd, check=True, text=True, **kwargs) # type: ignore[arg-ty
  • fig", ) -> dict: result = subprocess.run( ["nix", "eval", "-f", str(FIXTURES / nix_file), att
  • config") -> str: result = subprocess.run( ["nix", "eval", "-f", str(FIXTURES / nix_file), att
  • ext(content) result = subprocess.run( ["nix-instantiate", "--eval", "--strict", str(t
  • ext(content) result = subprocess.run( ["nix-instantiate", "--eval", "--strict", "--js

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: example.com

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found

Maintainer History score 8.0

4 maintainer concern(s) found

  • Only one version has ever been released — brand new package
  • Package uploaded less than 24 hours ago (2026-06-05T01:13:39.000Z)
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)