#pypi#python - Did someone already write a tool to front run safety or pip-audit before anything is installed? I guess something like "poetry lock" and then audit the files for suspicious situations, like CVEs or the repo was created yesterday or the package was published yesterday.
Installing everything then running safety imho has always been !@#$!@$ stupid because the malicious code runs during install.
