{"name":"pypi-package-risk","description":"PyPI package risk score / Python supply-chain scanner / pip dependency vetter / typosquat detector / pre-install audit / Python-package safety check / pyproject.toml / requirements.txt vetter / poetry + uv pre-install gate. Pulls metadata + release history from pypi.org for a package (and optional version), evaluates age, recent download volume, maintainer count, post-install hook presence, dependency depth, deprecation flags, last-update recency, and string-distance to popular packages (typosquat). Returns a numeric score (0-10), risk_level bucket, contributing factor list, and a Venice-LLM plain-English risk summary.","price":"$0.01","method":"POST","input_schema":{"properties":{"package_name":{"type":"string","description":"PyPI package distribution name (e.g. 'requests', 'django'). Case-insensitive; resolved via pypi.org/pypi/{name}/json."},"version":{"type":"string","description":"Optional specific version (e.g. '2.31.0'). Default: latest stable release."}},"required":["package_name"]},"input_example":{"package_name":"requests"},"output_example":{"package_name":"requests","version":"2.31.0","score":5,"risk_level":"low","summary":"Mature, well-maintained HTTP library with broad maintainer base and strong download history; no install-script hooks, no typosquat concerns.","factors":[{"factor":"downloads_weekly","value":250000000,"weight":"low_risk"},{"factor":"age_days","value":5500,"weight":"low_risk"},{"factor":"has_install_scripts","value":false,"weight":"low_risk"}],"typosquat_candidates":[]},"x402_payment_required":true,"x402_facilitator":"https://api.cdp.coinbase.com/platform/v2/x402"}