etap-clf

v0.1.1 suspicious
5.0
Medium Risk

ESM3-based Transformer Attention Protein classifier for binary protein sequence classification

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows signs of potential misuse due to recent upload and incomplete metadata, despite having low risks in network calls, shell execution, and credential harvesting.

  • Metadata risk at 7/10 due to recent upload and incomplete author information.
  • Obfuscation risk at 4/10, though this seems related to legitimate model loading and evaluation.
Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package requires external services.
  • Shell: No shell execution detected, indicating the package does not execute system commands.
  • Obfuscation: The observed patterns appear to be related to model loading and evaluation steps rather than malicious obfuscation.
  • Credentials: No suspicious patterns indicative of credential harvesting were detected.
  • Metadata: The package was uploaded recently with no maintainer history and incomplete author information, raising concerns about its legitimacy.

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation score 8.0

Found 4 obfuscation pattern(s)

  • ckpt['state_dict']) model.eval() print(f'Model loaded from {model_path}', flush=True)
  • heduler.step() model.eval() val_probs, val_true = [], [] with torch.no
  • te_dict(best_state) model.eval() te_probs, te_preds, te_true = [], [], [] with torc
  • pretrained('esm3_sm_open_v1').eval() # bfloat16 on all devices: halves model weight memory
Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: gmail.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 6.0

3 maintainer concern(s) found

  • Package uploaded less than 24 hours ago (2026-06-05T01:39:30.000Z)
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)