Attestations are an important corner stone to get more verifiable trust into the ecosystem https://docs.pypi.org/attestations/producing-attestations/ - the template should push for usage of them

Trusted publishing reduces the risk of compromised API tokens massively https://docs.pypi.org/trusted-publishers/ - the template should push for usage of them