[deathanatos]

I am confused; did you ever actually email anyone about the vuln? The AI suggests emailing security emails multiple times, but as I'm reading the timeline, none of the points seem to suggest this was ever done, only that a blog post was made, shared on Reddit, and then indirectly, the relevant parties took action.

I'm hoping this just isn't on the timeline.

[quietbritishjim]

The first line of the post is:

> I'm the engineer who got PyPI to quarantine litellm.

In guessing they used a tool other than Claude Code to serve the email.

[deathanatos]

"got" can be read as "indirectly, via a blog post, which I think they reacted to"

[Fibonar]

I've updated the timeline to clarify I did in fact email them. I’m not yet at the point of having Claude write my emails for me, in fact it was my first one sent since joining the company 10 months ago!

[dingdongditchme]

Wait, what? You sent a single email being in a company for ten months?? Or was it the first external email?