🤖 AI Summary
Phantom Guard has been launched as a crucial tool to combat a new class of supply chain attack known as slopsquatting, which preys on developers using AI code assistants like ChatGPT and Copilot. These AI models sometimes generate fictitious package names that attackers can quickly register before unsuspecting developers incorporate them into their projects. Once a developer installs a "hallucinated" package, they may inadvertently introduce malware into their systems, leading to potential credential theft, backdoor injections, and data breaches.
Phantom Guard employs multiple detection mechanisms, including registry verification, pattern and typosquat analysis, and metadata scrutiny to assess the legitimacy of package names. It generates risk scores based on over ten different indicators and classifies packages into risk levels to guide developers on whether to proceed with installation. Given that over 30% of AI-generated code contains non-existent package references, this tool fills a vital gap in current security practices, effectively safeguarding the software development process from the emerging threats posed by AI hallucinations and malicious packages.
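The checks described above (registry verification, typosquat analysis, metadata scrutiny, a combined risk score) can be sketched as a pre-install gate. This is an added example, not Phantom Guard's code or API: the registry snapshot is constructed sample data, and the weights, thresholds and level names are assumptions chosen for illustration.

```python
from datetime import date

# Constructed registry snapshot: name -> (first upload date, release count).
# A real check would query the package index instead.
REGISTRY = {
    "requests": (date(2011, 2, 14), 150),
    "numpy": (date(2006, 12, 2), 120),
    "reqeusts": (date(2025, 1, 3), 1),          # look-alike of "requests"
    "flask-gpt-helper": (date(2025, 1, 10), 1),  # plausible AI-invented name
}
POPULAR = ("requests", "numpy", "pandas", "flask")
TODAY = date(2025, 2, 1)  # fixed so results are reproducible


def edit_distance(a, b):
    """Plain Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def assess(name):
    """Return (score, level, reasons) for one dependency name."""
    name = name.lower().replace("_", "-").replace(".", "-")
    score, reasons = 0, []
    meta = REGISTRY.get(name)
    if meta is None:  # registry verification
        score += 60
        reasons.append("not in registry: possible hallucinated name")
    else:  # metadata scrutiny
        first_upload, releases = meta
        if (TODAY - first_upload).days < 90:
            score += 30
            reasons.append("first upload less than 90 days ago")
        if releases <= 1:
            score += 15
            reasons.append("single release")
    if name not in POPULAR:  # typosquat analysis
        near = [p for p in POPULAR if edit_distance(name, p) <= 2]
        if near:
            score += 40
            reasons.append("close to popular package: " + ", ".join(near))
    level = "HIGH" if score >= 60 else "MEDIUM" if score >= 30 else "LOW"
    return score, level, reasons
```

Run `assess()` over every name in an AI-suggested requirements list before installing, and block on `HIGH` while sending `MEDIUM` for manual review.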