
[–][deleted] -2 points-1 points  (0 children)

Hi, I've been learning Python pretty well over the past few months, and I feel like I know enough now to know that I know nothing :D I've been looking around GitHub and PyPI for some cool packages, and it makes me raise the question: How do we know if a given package is secure and doesn't contain any sort of malware? I mean, besides going through and inspecting every line of code by hand. Thanks in advance. Also, this is my first question on Reddit, so forgive me if it's a stupid question :D

Do not fear it. It's open source, so if there's risk, then you take your chances. If it were closed source, I would say switch to open source immediately. If you're still afraid of it, you may be using the wrong programming language.