Safety checks your dependencies for known security vulnerabilities.

Don't ship insecure code.

Try it out

One command to check them all

Safety is a command line tool. Use it to check your local virtual environment, your requirement files, or any input from stdin for dependencies with security issues.

If you are using something insecure, you'll get a report on what exactly is affected.

Try It Out

Installation is extremely simple. Your first check is just a few seconds away.

To get started, install the command line client:

pip install safety

Once installed, run the safety check command:

safety check

This will check your current virtual environment.

To check a requirements file, run:

safety check -r requirements.txt
check out the readme more examples


Safety is free and open source. The underlying free vulnerability database is updated once per month.

To get access to all vulnerabilities as soon as they are added, you need a Safety API key that comes with a paid account, starting at $99 per month.

Learn more about Pricing.


An API Key gives you access to the latest vulnerability database. Here's a guide on how to get one.

To use your API Key, append it with the --key parameter:

safety check --key={API_KEY}
safety check -r req.txt --key={API_KEY}

Meet the Safety family

The Safety family is a set of tools that help you to keep your dependencies secure.


Safety is a command line tool that checks local dependencies for known security vulnerabilities.

Learn More

Safety CI

Safety CI is integrated into and checks commits and Pull Requests on your GitHub repo for insecure dependencies.

Learn More