How pipguard-cli Works

pipguard-cli parses requirements.txt, pyproject.toml, and setup.cfg. It checks each package against a registry of known malicious packages, detects typosquatting patterns (edit distance < 2 from popular packages), and flags suspicious metadata (no homepage, single-file packages, unusual install hooks).