
LiteLLM Got Compromised on PyPI — How to Check If Your Python Packages Are Safe
LiteLLM versions 1.82.7 and 1.82.8 on PyPI were just confirmed compromised. If you installed either version, your environment may be affected. This is not new: PyPI packages get compromised regularly. The question is how you protect yourself. Here are the free tools and APIs you can use right now to audit your Python dependencies.

1. Check Your Installed Version

```shell
pip show litellm
# If the version is 1.82.7 or 1.82.8, take action immediately.
# Downgrade to the last known-good version:
pip install litellm==1.82.6
```

Downgrading replaces the package files, but it does not undo anything a malicious release may already have done: package code can run at install time and at import time. Treat any credentials, tokens and API keys reachable from that environment as exposed and rotate them, not just the package.

2. Use pip-audit (Free)

```shell
pip install pip-audit
pip-audit
```

This scans all your installed packages against the OSV/PyPA advisory database. It needs network access to fetch advisory data, and it can only flag releases that already have a published advisory, so re-run it once a compromise has been announced rather than trusting an earlier clean result.

3. Check PyPI Package History via API

PyPI has a free JSON API, no key needed:

```python
import requests


def check_package(name):
    resp = requests.get(f"https://pypi.org/pypi/{name}/json", timeout=10)
    resp.raise_for_status()
    data = resp.json()
    info = data["info"]
    print(f"Package: {info['name']} v{info['version']}")
    print(f"Author: {info.get('author')}")
    # The original snippet is cut off at this point.
```
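To tie the three steps together, here is an added example (not code from the original post or from the LiteLLM project) that runs the same checks offline against constructed data: a stand-in for `pip freeze` output, the known-bad version list from this post, and an excerpt shaped like the real `https://pypi.org/pypi/<name>/json` response. The package name and the 1.82.x version numbers come from the post; every upload time, SHA-256 digest and yanked flag in `PYPI_JSON` is made up for the example. Besides matching installed versions against the bad list, it shows two things the JSON API gives you that a version check alone does not: the release timeline with time gaps (a cluster of rapid releases outside the project's normal cadence is a warning sign) and per-file digests you can pin with `pip install --require-hashes`, so a later swap of the same version's files is refused.

```python
"""Offline audit walk-through with constructed data (added example)."""
import json
import re
from datetime import datetime

# Constructed stand-in for `pip freeze` output; not a real environment.
FREEZE_OUTPUT = """\
LiteLLM==1.82.8
requests==2.32.3
pip_audit==2.7.3
"""

# Known-bad releases named in the post (package name -> versions).
COMPROMISED = {"litellm": {"1.82.7", "1.82.8"}}

# Constructed excerpt in the shape of the PyPI JSON API. The field names
# (releases, upload_time_iso_8601, digests.sha256, yanked) are real; all
# timestamps, digests and yanked flags below are invented for the example.
PYPI_JSON = json.dumps({
    "info": {"name": "litellm", "version": "1.82.8"},
    "releases": {
        "1.82.6": [
            {"filename": "litellm-1.82.6-py3-none-any.whl",
             "upload_time_iso_8601": "2026-03-20T10:00:00.000000Z",
             "digests": {"sha256": "a1" * 32}, "yanked": False},
            {"filename": "litellm-1.82.6.tar.gz",
             "upload_time_iso_8601": "2026-03-20T10:00:05.000000Z",
             "digests": {"sha256": "a2" * 32}, "yanked": False},
        ],
        "1.82.7": [
            {"filename": "litellm-1.82.7-py3-none-any.whl",
             "upload_time_iso_8601": "2026-03-24T02:13:00.000000Z",
             "digests": {"sha256": "b1" * 32}, "yanked": True},
        ],
        "1.82.8": [
            {"filename": "litellm-1.82.8-py3-none-any.whl",
             "upload_time_iso_8601": "2026-03-24T03:40:00.000000Z",
             "digests": {"sha256": "c1" * 32}, "yanked": True},
        ],
    },
})


def normalize(name):
    """PEP 503 normalization so LiteLLM, litellm and lite_llm compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def parse_freeze(text):
    """Parse `pip freeze` lines of the form name==version into a dict."""
    installed = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "==" not in line:
            continue  # skip blanks, comments and non-pinned lines (e.g. VCS URLs)
        name, version = line.split("==", 1)
        installed[normalize(name)] = version.strip()
    return installed


def find_compromised(installed, compromised):
    """Return (name, version) pairs whose installed version is on the bad list."""
    hits = []
    for name, bad_versions in compromised.items():
        version = installed.get(normalize(name))
        if version in bad_versions:
            hits.append((normalize(name), version))
    return hits


def _parse_ts(value):
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%S.%fZ")


def release_timeline(pypi_json_text):
    """Per release: earliest upload time, whether all files are yanked,
    and the gap in hours since the previous release."""
    data = json.loads(pypi_json_text)
    rows = []
    for version, files in data["releases"].items():
        if not files:
            continue  # a version with no files was deleted; nothing to time
        first = min(_parse_ts(f["upload_time_iso_8601"]) for f in files)
        yanked = all(f.get("yanked", False) for f in files)
        rows.append({"version": version, "uploaded": first, "yanked": yanked})
    rows.sort(key=lambda r: r["uploaded"])
    prev = None
    for row in rows:
        gap = None if prev is None else (row["uploaded"] - prev).total_seconds() / 3600
        row["hours_since_prev"] = None if gap is None else round(gap, 2)
        prev = row["uploaded"]
    return rows


def pin_with_hashes(pypi_json_text, version):
    """Build a requirements line for `pip install --require-hashes`."""
    data = json.loads(pypi_json_text)
    name = normalize(data["info"]["name"])
    files = data["releases"].get(version)
    if not files:
        raise ValueError(f"{name} {version} has no files on the index")
    hashes = " ".join(f"--hash=sha256:{f['digests']['sha256']}" for f in files)
    return f"{name}=={version} {hashes}"


if __name__ == "__main__":
    installed = parse_freeze(FREEZE_OUTPUT)
    for name, version in find_compromised(installed, COMPROMISED):
        print(f"ALERT: {name} {version} is a known-compromised release")
    for row in release_timeline(PYPI_JSON):
        flag = "yanked" if row["yanked"] else "ok"
        print(row["version"], row["uploaded"].isoformat(), flag, row["hours_since_prev"])
    print(pin_with_hashes(PYPI_JSON, "1.82.6"))
```

To use it for real, replace `FREEZE_OUTPUT` with the output of `pip freeze` and `PYPI_JSON` with the body of `requests.get("https://pypi.org/pypi/litellm/json")`; the functions themselves do not change. Write the `pin_with_hashes` line into a requirements file and install with `pip install --require-hashes -r requirements.txt`, which makes pip refuse any file whose digest is not listed.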
Continue reading on Dev.to




