recall-terminal

v0.1.2 suspicious
6.0
Medium Risk

The AI brain for developers — natural language terminal commands

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits high network and shell execution risks, suggesting potential for unauthorized data exchange and arbitrary code execution. However, the lack of obfuscation and credential harvesting techniques lowers the overall suspicion level.

  • High network and shell execution risks
  • Low quality metadata and missing author details
Per-check LLM notes
  • Network: The package makes network calls to various endpoints which may indicate it is communicating with a backend server, potentially for legitimate purposes but could also be used for unauthorized data exchange.
  • Shell: Executing commands via the shell can pose significant risks as it allows for arbitrary code execution, which could be exploited for malicious activities.
  • Obfuscation: No obfuscation patterns detected, indicating low risk of malicious intent.
  • Credentials: No credential harvesting patterns detected, indicating secure handling of sensitive information.
  • Metadata: The package is new with low-quality metadata and no author details, raising concerns but not conclusive evidence of malice.

🔬 Heuristic Checks

Outbound Network Calls score 6.0

Found 4 network call pattern(s)

  • try: response = requests.post( f"{BACKEND_URL}/query", json={"qu
  • try karo response = requests.post( f"{BACKEND_URL}/login", json={"em
  • 200: response = requests.post( f"{BACKEND_URL}/signup",
  • ken() response = requests.post( f"{BACKEND_URL}/fix-error",
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 4.0

Found 2 shell execution pattern(s)

  • an] {cmd}") proc = subprocess.run( cmd, shell=True, capture_output=T
  • rocess.run( cmd, shell=True, capture_output=True, text=True )
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 8.0

4 maintainer concern(s) found

  • Package uploaded less than 24 hours ago (2026-06-04T22:08:31.000Z)
  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
  • Package has no PyPI classifiers (low effort / metadata quality)