The rapid rise of large language models (LLMs) has driven their widespread adoption, especially as the core component of open-source applications, which we refer to as LLM-Powered Apps (LPAs). Despite the rapid growth of this ecosystem, little is known about how these applications are built in the open-source world, especially in terms of their architectural and design decisions, deployment strategies, and security practices, which remain poorly understood. In this paper, we conduct a comprehensive empirical study of 89 popular open-source LPAs on GitHub, with the goal of characterizing their design choices and identifying common security and safety concerns. We systematically collect a set of architectural and operational attributes, classify each LPA by its primary purpose and analyze how functionality influences architectural and security design. Our findings reveal dominant design patterns as well as recurring risks, such as inadequate access control, lack of telemetry transparency, and design assumptions that break down in complex runtime environment. We also conducted an in-depth study of 376 GitHub issues from two popular LPAs and two LIFs developed in open-source communities. We summarize the root causes of the GitHub issues by creating a taxonomy of three themes based on the software development life-cycle. By surfacing these trends and vulnerabilities, our study provides a foundational understanding of how LPAs are currently built and deployed in the open-source ecosystem as well as the recurring issues and pitfalls for developing and maintaining LPAs. The results offer practical insights for developers, researchers, and platform maintainers seeking to build more robust and secure LLM-integrated software systems. Furthermore, we propose a set of guideline for the secure use of API keys, encapsulated within a pre-commit hook and a GitHub Action workflow for easy integration into new and existing GitHub projects using API keys.
Gomez-Rangel et al. (Fri,) studied this question.