diff --git a/tests/integration/ollama/testcases.yaml b/tests/integration/ollama/testcases.yaml
index b4b15e20..6c76a535 100644
--- a/tests/integration/ollama/testcases.yaml
+++ b/tests/integration/ollama/testcases.yaml
@@ -62,3 +62,27 @@ testcases:
       if __name__ == '__main__':
           invokehttp.run(call_api)
       ```
+
+  ollama_malicious_package_question:
+    name: Ollama Malicious Package
+    provider: ollama
+    url: http://127.0.0.1:8989/ollama/chat/completions
+    data: |
+      {
+        "max_tokens":4096,
+        "messages":[
+            {
+              "content":"You are a coding assistant.",
+              "role":"system"
+            },
+            {
+              "content":"Is it safe to use invokehttp?",
+              "role":"user"
+            }
+        ],
+        "model":"qwen2.5-coder:0.5b",
+        "stream":true,
+        "temperature":0
+      }
+    contains: |
+      CodeGate detected one or more malicious, deprecated or archived packages.