Skip to main content

vulkro slopcheck

Slopsquatting and hallucinated-package check for an AI-generated dependency list. Paste or pipe the dependencies an AI assistant suggested and find the names that are known-malicious, documented AI hallucinations, typosquats of a popular package, or popular-name-plus-suffix decoys BEFORE you npm install or pip install them.

Offline-first: every category is computed from data baked into the binary (or the local bundle) with no network call. The one exception is --online (below).

Input sources

Pick exactly one:

  • --manifest <path> reads a dependency manifest directory or file (package.json, requirements.txt, go.mod, Cargo.toml, pom.xml, and more). The ecosystem is taken from each parsed entry.
  • --list <path> reads a plain newline-delimited file of bare package names. Use - for the path to read from stdin (handy for pasting an AI-generated list). The --ecosystem flag then says which registry the names belong to.

With neither flag and a non-tty stdin, the list is read from stdin.

Usage

# Check a manifest.
vulkro slopcheck --manifest ./package.json

# Paste an AI-suggested npm list on stdin.
pbpaste | vulkro slopcheck --list - --ecosystem npm

# CI-friendly JSON.
vulkro slopcheck --manifest . --format json

Flags

FlagDescription
--manifest <PATH>Dependency manifest directory or file. Mutually exclusive with --list.
--list <PATH>Newline-delimited file of bare package names. Use - for stdin. Mutually exclusive with --manifest.
--ecosystem <ECO>Ecosystem for names read via --list / stdin: npm (default) or pypi. Ignored for --manifest (each entry carries its own).
--format, -f <FORMAT>table (default), json, and the other standard finding formats.
--onlineAlso probe the registry to confirm each name exists. A name the registry never published is a strong hallucination signal. Makes outbound HTTPS calls; refuses when VULKRO_OFFLINE=1 is set.

Detection categories

CategorySeverityMeaning
known-maliciousHighOn the curated compromised-release list.
hallucinatedHighOn the curated AI-hallucination list.
typosquat-of:<n>MediumEdit distance 1-2 (or a separator / scope confusion) from popular <n>.
suspicious-suffixLowA <popular>-js / -cli / -py decoy.

Exit codes

  • 0 no suspicious packages found.
  • 1 one or more suspicious packages reported (findings).
  • 2 error: bad args, unreadable input, or --online with VULKRO_OFFLINE=1.