AI Analysis
Final verdict: SUSPICIOUS
The package has a moderate risk score due to its new upload status and lack of maintainer details, which raises concerns about its authenticity and purpose.
- Metadata risk: New package with minimal maintainer history
- Suspicious lack of author details
Per-check LLM notes
- Network: The observed network calls seem to be fetching IP addresses which is consistent with the package's presumed functionality of 'official-ip-fetcher'. However, the legitimacy depends on the official source of these IPs.
- Shell: No shell execution patterns were detected.
- Obfuscation: No obfuscation patterns detected, indicating low risk.
- Credentials: No credential harvesting patterns detected, indicating low risk.
- Metadata: The package is newly uploaded with minimal maintainer history and no author details provided, raising suspicion.
Heuristic Checks
Outbound Network Calls
score 4.5
Found 3 network call pattern(s)
re.com/ips-v4" response = requests.get(url) if response.status_code == 200: ips = []re.com/ips-v6" response = requests.get(url) if response.status_code == 200: ips = []port requests response = requests.get(url) if response.status_code == 200: response_js
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
No shell execution patterns detected
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: xethh.me>
Suspicious Page Links
All external links appear legitimate
Git Repository History
Repository pypa/sampleproject appears legitimate
Maintainer History
score 8.0
4 maintainer concern(s) found
Only one version has ever been released — brand new packagePackage uploaded less than 24 hours ago (2026-06-04T22:57:31.000Z)Author name is missing or very shortAuthor "" appears to have only 1 package on PyPI (new or inactive account)