In Trust No One, you play as a PyPI package maintainer who has just adopted a new, more secure publishing method using the OpenID Connect standard to exchange short-lived identity tokens between a trusted third-party service and PyPI. But when a package you publish is hacked, you must use your cybersecurity skills to track down the culprit before they can cause any more damage.