Open Source

After the supply chain attack, here are some litellm alternatives

After a PyPI credential-stealing attack, developers are migrating to faster, open-source alternatives like Bifrost.

Deep Dive

A significant supply chain attack has hit the AI development community, with malicious versions (1.82.7 and 1.82.8) of the widely-used LiteLLM library uploaded to the Python Package Index (PyPI). The compromised packages contained credential-stealing malware, putting any project that installed or updated them at severe risk. This incident has forced teams to urgently audit dependencies and seek secure, trustworthy alternatives for managing calls to various large language model (LLM) APIs like OpenAI, Anthropic, and Google.
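The first concrete step the article calls for is a dependency audit. The script below, added here as an example and not taken from the article or from LiteLLM, Bifrost, Kosong or Helicone, scans a requirements-style file and the current Python environment for the two release numbers the article names (1.82.7 and 1.82.8). It also flags any LiteLLM requirement that is not pinned with `==`, because a range such as `>=1.82.0` could have resolved to one of the bad releases while they were live. The sample requirements text is constructed for the example.

```python
"""Audit pins and installed packages for the LiteLLM releases the article names
as compromised. Added example; not code from the article or the projects it cites."""
from __future__ import annotations

import re
from importlib.metadata import PackageNotFoundError, version as installed_version

# Release numbers the article identifies as malicious (PyPI, package "litellm").
COMPROMISED: dict[str, set[str]] = {"litellm": {"1.82.7", "1.82.8"}}

# Parses one requirement line: name, optional operator, optional version.
# Handles "litellm==1.82.7", "LiteLLM >= 1.82.0 ; python_version>='3.9'", "litellm".
REQ_RE = re.compile(
    r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)\s*(==|~=|>=|<=|!=|>|<)?\s*([0-9][A-Za-z0-9.*]*)?"
)


def normalize(name: str) -> str:
    """PEP 503 name normalization so 'LiteLLM' and 'litellm' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def scan_requirements(text: str) -> list[tuple[str, str, str]]:
    """Return findings as (status, package, spec) tuples.

    status is "compromised" for an exact pin on a bad release, or "unpinned"
    for a watched package whose specifier is not an exact == pin (and so may
    have resolved to a bad release at install time).
    """
    findings: list[tuple[str, str, str]] = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0]  # strip trailing comments
        m = REQ_RE.match(line)
        if not m or not line.strip():
            continue
        name, op, ver = normalize(m.group(1)), m.group(2), m.group(3)
        if name not in COMPROMISED:
            continue
        if op == "==" and ver in COMPROMISED[name]:
            findings.append(("compromised", name, ver))
        elif op != "==":
            findings.append(("unpinned", name, (op or "") + (ver or "")))
    return findings


def scan_installed() -> list[tuple[str, str, str]]:
    """Check the running environment for an installed compromised release."""
    findings: list[tuple[str, str, str]] = []
    for name, bad in COMPROMISED.items():
        try:
            ver = installed_version(name)
        except PackageNotFoundError:
            continue  # package not installed here; nothing to report
        if ver in bad:
            findings.append(("compromised", name, ver))
    return findings


# Constructed sample requirements file (not from the article).
SAMPLE_REQUIREMENTS = """\
# pinned deps for an LLM app
openai==1.30.0
LiteLLM==1.82.7   # pulled in during the affected window
requests>=2.31
"""

if __name__ == "__main__":
    for status, pkg, spec in scan_requirements(SAMPLE_REQUIREMENTS) + scan_installed():
        print(f"{status.upper()}: {pkg} {spec}")
```

Run it against each project's lock or requirements file and inside each virtual environment that ships to production; a "compromised" hit means the credentials available to that environment should be treated as exposed and rotated, and an "unpinned" hit means the resolved version needs to be checked in the lock file or with `pip freeze`.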

In response, three primary open-source alternatives are gaining traction. Bifrost, written in Go, is positioned as the most direct replacement, boasting a claimed ~50x faster P99 latency than LiteLLM and supporting over 20 providers under an Apache 2.0 license. Migration reportedly requires just a one-line base URL change. For more agent-centric workflows, Kimi's Kosong offers a unified message structure and async tool orchestration. Meanwhile, Helicone serves as a heavier but more feature-complete AI gateway, emphasizing analytics and debugging across 100+ providers.

This event underscores the critical vulnerabilities in the open-source software supply chain, especially for fast-moving fields like AI. It has catalyzed a broader discussion about dependency risk management and the trade-offs between convenience, performance, and security. The emergence of these alternatives provides the community with immediate migration paths while highlighting the need for more resilient infrastructure for AI application development.

Key Points
  • LiteLLM versions 1.82.7 and 1.82.8 on PyPI were compromised with credential-stealing malware, creating an urgent security threat.
  • Bifrost, a Go-based alternative, claims ~50x faster P99 latency than LiteLLM and supports 20+ providers with a one-line migration change.
  • Other options include Kimi's agent-oriented Kosong for tool orchestration and Helicone's feature-rich gateway for analytics across 100+ providers.

Why It Matters

This attack forces a security reckoning for AI apps, pushing developers to rebuild trust in their core LLM orchestration layer.