Spectra Assure
Community
failIncident: Malware
Scanned: about 10 hours ago

aliyun-ai-labs-snippets-sdk

Artifact:
latest
malicious
AI Labs Snippets SDK for Python
License: Permissive (MIT)
Published: 8 months ago
See on PyPI

SAFE Assessment

Compliance

Licenses
No license compliance issues
Secrets
No sensitive information found

Security

Vulnerabilities
No known vulnerabilities detected
Hardening
No application hardening issues

Threats

Tampering
3 malware-like behaviors found
Malware
4 supply chain attack artifacts

INCIDENTS FOR THIS VERSION:

malware
8 months agoReported By: ReversingLabs (Automated)
Learn more about malware detection
malware
8 months agoReported By: ReversingLabs (Researcher)
See more info on our blog
malware
7 months agoReported By: Community (OpenSSF)
More info
List of software behaviors discovered with static code analysis.
Info
Count
Category

Prevalence in PyPI community

Behavior exclusively used by malicious software (Malicious)
Behavior uncommon for this community (Uncommon)
0 packages
found in
Top 100
0 packages
found in
Top 1k
1 packages
found in
Top 10k
12 packages
in community

Prevalence in PyPI community

Behavior commonly used by malicious software (Important)
Behavior uncommon for this community (Uncommon)
0 packages
found in
Top 100
3 packages
found in
Top 1k
11 packages
found in
Top 10k
457 packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
36 packages
found in
Top 100
281 packages
found in
Top 1k
1802 packages
found in
Top 10k
66.4k packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
39 packages
found in
Top 100
252 packages
found in
Top 1k
1477 packages
found in
Top 10k
53.15k packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
68 packages
found in
Top 100
540 packages
found in
Top 1k
3680 packages
found in
Top 10k
150.76k packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
53 packages
found in
Top 100
351 packages
found in
Top 1k
1856 packages
found in
Top 10k
48.82k packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
51 packages
found in
Top 100
408 packages
found in
Top 1k
2829 packages
found in
Top 10k
106.17k packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
20 packages
found in
Top 100
63 packages
found in
Top 1k
379 packages
found in
Top 10k
11.79k packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
24 packages
found in
Top 100
199 packages
found in
Top 1k
959 packages
found in
Top 10k
27.04k packages
in community

Prevalence in PyPI community

Behavior often found in this community (Common)
22 packages
found in
Top 100
166 packages
found in
Top 1k
1012 packages
found in
Top 10k
29.99k packages
in community

Did you know...

... that you can use ReversingLabs’ Spectra Assure platform to perform regular risk assessments of packages you develop in-house?

We recommend continuous software safeness monitoring through CI/CD integrations and pre-release/deployment checks. In addition to basic package information found on this page our platform offers rich reports for developers and DevSecOps that help them remediate all reported issues.