First piece of advice would be don't accept or use a script from an untrusted source that you don't have the *.py file for. That way you can look at the source. If there's an *.pyc included then delete that and make python recompile it (which it will do automatically) AFTER you take a visual check on the source script.