In Identity Trust, you play as a hacker attempting to gain access to a PyPI maintainer's publishing account. Using social engineering techniques, you must gather information about the maintainer and their trusted identity provider, and then use that knowledge to generate a fake OpenID Connect identity that PyPI will trust. Once inside, you can publish your own malicious packages or manipulate existing reputably-signed packages to take control of your victims' systems.