AI Analysis
Final verdict: SUSPICIOUS
The package has minimal risks in terms of network, shell, and obfuscation activities. However, the lack of proper metadata and a linked GitHub repository suggests potential low-quality or malicious intent.
- Minimal effort in metadata
- No linked GitHub repository
Per-check LLM notes
- Network: No network calls detected, which is normal unless the package requires external services.
- Shell: No shell execution patterns detected, indicating no direct system command execution risk.
- Obfuscation: No obfuscation patterns detected, indicating low risk of malicious activity related to code obfuscation.
- Credentials: No credential harvesting patterns detected, indicating low risk of malicious activity related to stealing credentials.
- Metadata: The package shows signs of being newly created with minimal effort put into metadata and lacks a linked GitHub repository.
Heuristic Checks
Outbound Network Calls
No suspicious network call patterns found
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
No shell execution patterns detected
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: romutech.net>
Suspicious Page Links
All external links appear legitimate
Git Repository History
No GitHub repository linked
No GitHub repository link found
Maintainer History
score 6.0
3 maintainer concern(s) found
Package uploaded less than 24 hours ago (2026-06-04T23:29:20.000Z)Author "IronRomulus" appears to have only 1 package on PyPI (new or inactive account)Package has no PyPI classifiers (low effort / metadata quality)