I second this question. I usually scan our containers with Snyk and GuardDog, and have wondered about GuardDog in particular because it adds so much build time.

> tried to test the LiteLLM hack but the affected packages had been pulled

Hey, I have been part of the archival effort/LiteLLM issue thread. I think I have stored them on archive.org for preservation purposes.

https://web.archive.org/web/20260325073027/https://files.pyt...

(I have also made an archive of the GitHub issue with all the comments manually till a certain point at https://web.archive.org/web/20260325054202/https://serjaimel...)

> Has anyone tested general purpose malware detection on supply chains? Like clamscan

You could use Trivy! /s
