LiteLLM was recently victim of a supply-chain exploit, where an attacker was able to run arbitrary code on infected machines.
In the aftermath, I saw how uv provides a safety setting for this, and it would be good practice to add this to your pyproject.toml
toml
|
|
or uv.toml:
toml
|
|
The docs provide multiple options to protect yourself.