Many Hands Make Light Work: An LLM-Based Multi-Agent System for Detecting Malicious PyPI Packages

Malicious code in open-source repositories such as PyPI poses a growing threat to software supply chains. Traditional rule-based tools often overlook the semantic patterns in source code that are crucial for identifying adversarial components. Large language models LLMs show promise for software...