# foresee
One line: which package names is an AI likely to invent for this project, and has anyone already registered them as traps?
Every other supply-chain check is reactive: a name appears, then it is
checked. `foresee` is predictive. It reads your project's real
dependency stack, deterministically enumerates the plausible-but-absent
names an LLM is likely to invent for a project like this, and checks
each against the registry (reusing `verify`). A
predicted name that is already registered, recently and with near-zero
reputation, is a trap lying in wait for your agent: `foresee` reports
it as a `TRAP`.

Names that do not exist yet are written to a committable guardrail
file, `.vulkro-foresee.json`, that you can point your agent at: "never
install any of these".
## Usage

```sh
vulkro-live foresee                      # current directory
vulkro-live foresee ./api                # a specific project
vulkro-live foresee --limit 40 --format json
```
It is keyless and local: deterministic string combinatorics plus the
same public registry checks `verify` makes. No model, no backend. It
queries the registry once per predicted name, so a run takes a little
time; `--limit` bounds it.
## Example

```
$ vulkro-live foresee . --limit 20
foresee: checked 20 predicted name(s) your AI might invent for this npm project (./package.json).
No planted trap found: none of the predicted names is a registered squat yet.
Wrote 4 name(s) to ./.vulkro-foresee.json (point your agent at it: never install any of these).
```
The guardrail file is plain JSON, made to be committed and quoted in agent instructions:
```json
{
  "do_not_install": [
    "axios-util",
    "axios-helper",
    "axios-cli",
    "axios-js"
  ],
  "ecosystem": "npm",
  "note": "Package names your AI might hallucinate for this project. Do not install any of these unless you deliberately and independently confirmed it.",
  "planted_traps": []
}
```
## Flags

| Flag | Effect |
|---|---|
| `[DIR]` | Project directory to read the dependency manifest from (default: current) |
| `--limit <N>` | How many predicted names to check against the registry (default 80) |
| `--no-write` | Do not write the `.vulkro-foresee.json` guardrail file |
| `--no-cache` | Bypass the local response cache and always query live |
| `--format <FORMAT>` | `text` (default), `json`, or `sarif`; see Output formats |
Exit codes: `0` when no planted trap is found, `1` when one or more
predicted names are already registered as a trap, `2` on an error.
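The pipeline described above (read the real dependencies, deterministically enumerate candidate names, sort each into "absent", "trap" or "established", emit the guardrail file, map the result to the documented exit codes) is small enough to show end to end. The block below is an added illustration written for this page, not `vulkro-live`'s own code: the suffix list (beyond the four the example guardrail file shows), the trap thresholds (`max_age_days`, `max_downloads`), the constructed `package.json` and the constructed in-memory registry snapshot that stands in for the live registry query are all assumptions.

```python
import json
from datetime import datetime, timedelta, timezone

# Suffixes an LLM commonly appends to a real dependency name. The first four are
# the ones in the page's example guardrail file; the rest are assumptions.
SUFFIXES = ["util", "helper", "cli", "js", "utils", "core", "plugin"]

# Constructed manifest standing in for ./package.json.
PACKAGE_JSON = """{
  "name": "demo-app",
  "dependencies": {"axios": "^1.6.0", "lodash": "^4.17.21"},
  "devDependencies": {"jest": "^29.0.0"}
}"""

# Constructed registry snapshot (name -> metadata); names not present are
# unregistered. Stands in for the per-name registry query the real tool makes.
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)
FAKE_REGISTRY = {
    # registered three days ago, essentially no reputation: a planted trap
    "axios-utils": {"created": NOW - timedelta(days=3), "weekly_downloads": 2},
    # long-established real package: neither absent nor a trap
    "lodash-core": {"created": NOW - timedelta(days=2000), "weekly_downloads": 50000},
}

NOTE = ("Package names your AI might hallucinate for this project. Do not install "
        "any of these unless you deliberately and independently confirmed it.")


def real_dependencies(manifest_text):
    """Return the sorted set of names the project actually depends on."""
    manifest = json.loads(manifest_text)
    names = set(manifest.get("dependencies", {})) | set(manifest.get("devDependencies", {}))
    return sorted(names)


def predict_names(deps, limit=80):
    """Deterministic string combinatorics: each real dependency crossed with each
    suffix, in a fixed order, skipping anything that is itself a real dependency.
    `limit` bounds how many names will later be checked against the registry."""
    real = set(deps)
    out = []
    for dep in deps:
        for suffix in SUFFIXES:
            candidate = f"{dep}-{suffix}"
            if candidate not in real and candidate not in out:
                out.append(candidate)
            if len(out) >= limit:
                return out
    return out


def classify(name, registry, now, max_age_days=90, max_downloads=100):
    """'absent' if unregistered; 'trap' if registered recently with near-zero
    reputation; otherwise 'established'. Thresholds are assumptions."""
    meta = registry.get(name)
    if meta is None:
        return "absent"
    age_days = (now - meta["created"]).days
    if age_days <= max_age_days and meta["weekly_downloads"] <= max_downloads:
        return "trap"
    return "established"


def foresee(manifest_text, registry, now, ecosystem="npm", limit=80):
    """Build the guardrail document and the exit code: 0 clean, 1 trap found,
    2 on error (here: an unreadable manifest)."""
    try:
        deps = real_dependencies(manifest_text)
    except (ValueError, TypeError, AttributeError):
        return None, 2
    guardrail = {"do_not_install": [], "ecosystem": ecosystem, "note": NOTE, "planted_traps": []}
    for name in predict_names(deps, limit):
        verdict = classify(name, registry, now)
        if verdict == "absent":
            guardrail["do_not_install"].append(name)   # safe to forbid outright
        elif verdict == "trap":
            guardrail["planted_traps"].append(name)    # already registered squat
        # 'established' names are real packages and are listed in neither field
    return guardrail, (1 if guardrail["planted_traps"] else 0)


if __name__ == "__main__":
    doc, code = foresee(PACKAGE_JSON, FAKE_REGISTRY, NOW, limit=20)
    print(json.dumps(doc, indent=2))
    raise SystemExit(code)
```

With `limit=4` the constructed manifest yields exactly the four `axios-*` names from the example guardrail file above and exit code 0; raising the limit reaches `axios-utils`, which the constructed registry records as three days old with two weekly downloads, so it lands in `planted_traps` and the run exits 1.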
## Composes with

- `verify` is the reactive counterpart: it checks names that actually appeared. `foresee` checks names before they appear.
- `trustdb`: `foresee` consults the trust store, so a deliberately cleared package is not re-reported.
- Commit `.vulkro-foresee.json` and reference it from your agent's instructions file; `audit` scans those instruction files as part of the surface sweep.