A Python security analysis framework in integrity verification and vulnerability detection

Source: 12th China Trusted Computing and Information Security Conference | Cited: 0 times
  Python is widely used in web crawling, machine learning, data analysis and so on. However, there is no guarantee that Python scripts remain trusted over their whole lifetime, because the system they live on may itself be insecure. When the system is attacked, scripts on the computer are likely to be tampered with. Therefore, the trustworthiness of Python scripts needs to be checked through different configuration strategies, which include integrity verification and vulnerability detection. In this paper, integrity verification and vulnerability detection are based on two Python scripts, an original Python script and a current Python script, under the assumption that the original Python script has no vulnerabilities. By comparing the current script with the original, we can find out whether the current script is still intact, and, if its integrity has been destroyed, detect whether vulnerabilities have been introduced. Integrity verification with hash functions is not applicable in some cases, since in this mode any change, including an added blank line, is considered illegal. So a loose integrity verification that combines the UNIX diff tool with abstract syntax trees is proposed. In the vulnerability detection, starting from the premise that the original Python script has no vulnerabilities, the vulnerability detection framework Bandit has been improved. Besides, in order not to change the usage of Python, both the integrity verification and the vulnerability detection modules are embedded in the Python interpreter. The experiments show that the performance of the security analysis framework is good and that the improved Bandit can greatly reduce false positives without affecting performance.
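The abstract contrasts strict hash-based integrity checking with a loose check over abstract syntax trees, and describes a vulnerability-detection step that treats the original script as a vulnerability-free baseline. The following Python is an added illustration of both ideas; it is not code from the paper, from its framework, or from Bandit. The three sample scripts are constructed here, and the single `shell=True` rule stands in for Bandit's real plugin set, which this example does not reproduce.

```python
import ast
import difflib
import hashlib

# Constructed sample scripts (not from the paper): the trusted original, a copy
# that differs only in comments and blank lines, and a copy whose logic was
# changed to pass shell=True.
ORIGINAL = '''import subprocess

def run(cmd):
    return subprocess.run(cmd, shell=False, check=True)
'''

COSMETIC = '''import subprocess


# comment and blank lines added, code unchanged
def run(cmd):

    return subprocess.run(cmd, shell=False, check=True)
'''

TAMPERED = '''import subprocess

def run(cmd):
    return subprocess.run(cmd, shell=True, check=True)
'''


def strict_check(original: str, current: str) -> bool:
    """Hash-based integrity check: any byte-level difference fails."""
    digest = lambda s: hashlib.sha256(s.encode()).hexdigest()
    return digest(original) == digest(current)


def normalized_ast(source: str) -> str:
    """Dump the AST without line/column attributes, so layout, blank lines
    and comments do not influence the comparison."""
    return ast.dump(ast.parse(source), include_attributes=False)


def loose_check(original: str, current: str) -> bool:
    """AST-based loose integrity check: only semantic changes fail."""
    return normalized_ast(original) == normalized_ast(current)


def textual_diff(original: str, current: str) -> str:
    """Unified diff of the two scripts, the textual counterpart of the
    diff step the abstract mentions."""
    return "".join(difflib.unified_diff(
        original.splitlines(keepends=True),
        current.splitlines(keepends=True),
        fromfile="original.py", tofile="current.py"))


def find_shell_true_calls(source: str) -> set:
    """Minimal Bandit-style rule (constructed stand-in, not Bandit's plugin):
    report subprocess.<func>(..., shell=True) calls."""
    findings = set()
    for node in ast.walk(ast.parse(source)):
        if not (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)):
            continue
        target = node.func.value
        if not (isinstance(target, ast.Name) and target.id == "subprocess"):
            continue
        for kw in node.keywords:
            if kw.arg == "shell" and isinstance(kw.value, ast.Constant) and kw.value.value is True:
                findings.add(f"subprocess.{node.func.attr} with shell=True")
    return findings


def new_findings(original: str, current: str) -> set:
    """Baseline-aware detection: the original is assumed vulnerability-free, so
    only findings absent from it are reported for the current script."""
    return find_shell_true_calls(current) - find_shell_true_calls(original)


def analyze(original: str, current: str) -> dict:
    """Run the strict and loose checks; on a semantic change, attach the diff
    and the findings introduced relative to the baseline."""
    result = {
        "strict_ok": strict_check(original, current),
        "loose_ok": loose_check(original, current),
    }
    if not result["loose_ok"]:
        result["diff"] = textual_diff(original, current)
        result["new_findings"] = new_findings(original, current)
    return result


if __name__ == "__main__":
    for label, current in (("cosmetic", COSMETIC), ("tampered", TAMPERED)):
        print(label, analyze(ORIGINAL, current))
```

Running the module shows the cosmetic copy failing the hash check but passing the AST check, while the tampered copy fails both and yields exactly one new finding. Because findings are computed relative to the baseline, a rule that already fires on the original contributes nothing to `new_findings`, which is the mechanism behind the false-positive reduction the abstract claims.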