AI Analysis
Final verdict: SUSPICIOUS
The package shows minimal risk in terms of network, shell execution, and obfuscation. However, the maintainer's limited presence (only one package and no associated GitHub repository) raises some suspicion about potential malicious intent.
- Low risk in network calls, shell execution, and obfuscation.
- Maintainer has only one package and no GitHub repository.
Per-check LLM notes
- Network: No network calls detected, which is normal unless the package's functionality requires external communication.
- Shell: No shell execution patterns detected, indicating the package does not execute system commands.
- Obfuscation: No obfuscation patterns detected, indicating low risk.
- Credentials: No credential harvesting patterns detected, indicating low risk.
- Metadata: The maintainer has only one package and no GitHub repository, which may indicate a less experienced or potentially suspicious actor.
Package Quality Overall: Low (3.2/10)
○ Low
Test Suite
1.0
No test suite detected
No test files or test-runner configuration detected
◈ Medium
Documentation
5.0
Some documentation present
Detailed PyPI description (6075 chars)
○ Low
Contributing Guide
4.0
No contributing guide or governance files found
Development Status classifier >= Beta
◈ Medium
Type Annotations
5.0
Partial type annotation coverage
81 type-annotated function signatures detected in source
○ Low
Multiple Contributors
1.0
Unable to verify contributor count: no GitHub repository found
No GitHub repository linked — contributor count unavailable
Heuristic Checks
Outbound Network Calls
No suspicious network call patterns found
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
No shell execution patterns detected
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: projectapheleia.net
Suspicious Page Links
All external links appear legitimate
Git Repository History
No GitHub repository linked
No GitHub repository link found
Maintainer History
score 2.0
1 maintainer concern(s) found
Author "avl" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with avl-axi
Create a Python-based simulation tool for verifying the functionality of AMBA AXI protocols using the 'avl-axi' package. Your application should simulate a simple AXI master-slave communication scenario, allowing users to define transactions such as reads and writes between a master and slave device. Here are the steps and features your project should include: 1. **Setup Environment**: Begin by installing the 'avl-axi' package and setting up a virtual environment in Python. Ensure all dependencies required for running the package are also installed. 2. **Define Transaction Classes**: Create classes for different types of AXI transactions like read and write operations. These classes should encapsulate the parameters needed for each transaction type. 3. **Master-Slave Communication Simulation**: Implement a function that simulates communication between an AXI master and slave based on the defined transaction classes. This function should handle the generation of AXI signals and responses according to the specified transactions. 4. **Verification Module**: Use 'avl-axi' functionalities to verify the correctness of the simulated transactions. This includes checking if the master correctly receives data from the slave after a read operation and if the slave correctly acknowledges write requests from the master. 5. **User Interface**: Develop a simple command-line interface where users can input their desired transactions and see the results of the simulation. Additionally, provide options for users to customize the behavior of the master and slave devices within certain limits. 6. **Report Generation**: After running simulations, generate a report summarizing the status of each transaction (success/failure), any errors encountered, and performance metrics like latency. 7. **Documentation**: Write comprehensive documentation explaining how to use your application, including examples of common use cases and how 'avl-axi' is utilized throughout the project. This project will serve as a practical demonstration of AXI protocol verification and the capabilities of the 'avl-axi' package.
💬 Discussion Feed
No discussion yet. Be the first to share your thoughts!
Report Abuse / Security Issue