analyze_package_metadata_risk

Analyze AUR package metadata to assess security risks and trustworthiness by evaluating popularity, maintainer status, update frequency, and community validation indicators.

Instructions

Analyze AUR package metadata for trustworthiness and security indicators. Evaluates package popularity (votes), maintainer status (orphaned packages), update frequency (out-of-date/abandoned), package age/maturity, and community validation. Returns trust score (0-100) with risk factors and trust indicators. Use this alongside PKGBUILD analysis for comprehensive security assessment.

Input Schema

Name	Required	Description	Default
`package_info`	Yes	Package metadata from AUR (from search_aur or get_aur_info results)

Input Schema (JSON Schema)

{ "properties": { "package_info": { "description": "Package metadata from AUR (from search_aur or get_aur_info results)", "type": "object" } }, "required": [ "package_info" ], "type": "object" }

arch-mcp