foresee

One line: which package names is an AI likely to invent for this project, and has anyone already registered them as traps?

Every other supply-chain check is reactive: a name appears, then it is checked. foresee is predictive. It reads your project's real dependency stack, deterministically enumerates the plausible-but-absent names an LLM is likely to invent for a project like this, and checks each against the registry (reusing verify). A predicted name that is already registered, recently and with near-zero reputation, is a trap lying in wait for your agent: foresee reports it as a TRAP.

Names that do not exist yet are written to a committable guardrail file, .vulkro-foresee.json, that you can point your agent at: never install any of these.

Usage

vulkro-live foresee # current directory
vulkro-live foresee ./api # a specific project
vulkro-live foresee --limit 40 --format json

It is keyless and local: deterministic string combinatorics plus the same public registry checks verify makes. No model, no backend. It queries the registry once per predicted name, so a run takes a little time; --limit bounds it.

Example

$ vulkro-live foresee . --limit 20

foresee: checked 20 predicted name(s) your AI might invent for this npm project (./package.json).

No planted trap found: none of the predicted names is a registered squat yet.

Wrote 4 name(s) to ./.vulkro-foresee.json (point your agent at it: never install any of these).

The guardrail file is plain JSON, made to be committed and quoted in agent instructions:

{
  "do_not_install": [
    "axios-util",
    "axios-helper",
    "axios-cli",
    "axios-js"
  ],
  "ecosystem": "npm",
  "note": "Package names your AI might hallucinate for this project. Do not install any of these unless you deliberately and independently confirmed it.",
  "planted_traps": []
}
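To make the enumerate, check, write loop concrete, here is an added Python illustration; it is not foresee's own code (which this page does not publish), and the suffix list, the sample manifest, the registry snapshot and the trap thresholds are all constructed assumptions.

```python
import json
from typing import Callable, Dict, List, Optional

# Assumed suffixes an LLM tends to append to a real package name.
SUFFIXES = ("util", "helper", "cli", "js", "core", "plugin")

# Constructed sample manifest standing in for ./package.json.
SAMPLE_MANIFEST = {"dependencies": {"axios": "^1.6.0"}, "devDependencies": {}}

# Constructed registry snapshot: name -> metadata; absent names are unregistered.
FAKE_REGISTRY: Dict[str, dict] = {
    "axios-core": {"age_days": 1500, "weekly_downloads": 8000},  # established, not a trap
    "axios-plugin": {"age_days": 4, "weekly_downloads": 0},      # fresh and unknown: a trap
}

def fake_lookup(name: str) -> Optional[dict]:
    """Stand-in for the live registry query; None means the name is unregistered."""
    return FAKE_REGISTRY.get(name)

def predict_names(manifest: dict, limit: int = 80) -> List[str]:
    """Deterministic combinatorics: each real dependency x each suffix, minus real deps."""
    deps = sorted({**manifest.get("dependencies", {}), **manifest.get("devDependencies", {})})
    predicted: List[str] = []
    for dep in deps:
        base = dep.rsplit("/", 1)[-1]  # @scope/pkg -> pkg
        for suffix in SUFFIXES:
            candidate = f"{base}-{suffix}"
            if candidate not in deps and candidate not in predicted:
                predicted.append(candidate)
    return predicted[:limit]

def build_report(manifest: dict, lookup: Callable[[str], Optional[dict]], limit: int = 80,
                 max_age_days: int = 30, max_downloads: int = 50) -> dict:
    """Unregistered names become guardrail entries; recent, near-zero-reputation ones are traps."""
    do_not_install, traps = [], []
    for name in predict_names(manifest, limit):
        meta = lookup(name)
        if meta is None:
            do_not_install.append(name)
        elif meta["age_days"] <= max_age_days and meta["weekly_downloads"] <= max_downloads:
            traps.append(name)
        # anything else is an established package: neither a guardrail entry nor a trap
    return {"do_not_install": do_not_install, "ecosystem": "npm",
            "note": "Package names your AI might hallucinate for this project. Do not install "
                    "any of these unless you deliberately and independently confirmed it.",
            "planted_traps": traps}

def exit_code(report: dict) -> int:
    """Documented convention: 1 when at least one planted trap was found, else 0."""
    return 1 if report["planted_traps"] else 0
```

Running `json.dumps(build_report(SAMPLE_MANIFEST, fake_lookup, limit=20), indent=2)` yields a document in the same shape as the guardrail file above, here with one planted trap because the constructed registry contains a fresh, zero-download `axios-plugin`.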

Flags

Flag                 Effect
[DIR]                Project directory to read the dependency manifest from (default: current)
--limit <N>          How many predicted names to check against the registry (default 80)
--no-write           Do not write the .vulkro-foresee.json guardrail file
--no-cache           Bypass the local response cache and always query live
--format <FORMAT>    text (default), json, or sarif; see Output formats

Exit codes: 0 when no planted trap is found, 1 when one or more predicted names are already registered as a trap, 2 on an error.

Composes with

  • verify is the reactive counterpart: it checks names that actually appeared. foresee checks names before they appear.
  • trustdb: foresee consults the trust store, so a deliberately cleared package is not re-reported.
  • Commit .vulkro-foresee.json and reference it from your agent's instructions file; audit scans those instruction files as part of the surface sweep.