MistralAI SDK

registryPyPI

package namemistralai

maintainerMistral AI

The official Mistral AI Python SDK for the Mistral 7B, Mixtral, Mistral Large, and codestral model families. It covers chat completions, function calling, and the La Plateforme API. The package is used in both cloud deployments and local fine-tuning workflows.

api usage

Checking MistralAI SDK

mistralai 1.0.0 is a clean version with no known supply chain compromise. The response returns compromised: false with an empty sources array.

bash

curl "https://api.attestd.io/v1/check?product=mistralai&version=1.0.0" \
  -H "Authorization: Bearer YOUR_API_KEY"

json

{
  "product": "mistralai",
  "version": "1.0.0",
  "supported": true,
  "risk_state": "none",
  "supply_chain": {
    "compromised": false,
    "sources": [],
    "malware_type": null,
    "description": null,
    "advisory_url": null,
    "compromised_at": null,
    "removed_at": null
  },
  "last_updated": "2026-05-01T00:00:00Z"
}

attack surface

Why this package is monitored

Smaller, lesser-scrutinized SDK packages are sometimes targeted precisely because automated security scans focus disproportionately on the highest-traffic packages, giving attackers a lower-noise opportunity to publish a malicious version.

Attestd monitors mistralai using the following detection sources:

registry

Manually curated advisories in the Attestd registry, verified by a human analyst. Confidence 1.0.

osv

OSV.dev malicious-package advisories with IDs prefixed MAL-. Confidence 0.95.

pypi_yank

Versions yanked on PyPI with a security-related yanked_reason annotation. Confidence 0.80.

Supply chain overview All PyPI packages OpenAI SDK (Python)Anthropic SDK (Python)LangChain Response fields