Slopsquatting candidates — names attackers will target next
Package names that multiple LLMs repeatedly hallucinate are exact targeting information for attackers: "register this and someone will install it". We see those names before attackers do.
How we detect
We regularly run a matrix of hundreds of programming prompts through major LLMs (Claude, GPT, Gemini, Llama) and harvest the package names they recommend. Cross-model agreement raises the target score. The registry status is checked live against npm/PyPI/crates.io for (1) non-existence, (2) recent registration with suspicious patterns, and (3) empty wrappers around famous names.
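The triage described above, sketched as an added example for vetting LLM-suggested dependencies before install; it is not this service's code. The package names, model labels, registry snapshot, 30-day window, single-release heuristic and the use of a plain model count as the agreement score are all assumptions constructed for illustration, and a real check would query the registry live.

```python
import re
from datetime import date

FAMOUS = {"acme-http"}  # constructed stand-in for a list of well-known packages

def normalize(name):
    """PEP 503 normalization: PyPI treats runs of '-', '_' and '.' as one hyphen."""
    return re.sub(r"[-_.]+", "-", name).lower()

def classify(name, registry, today, recent_days=30):
    """Map a name to one of the three registry conditions, else 'established'."""
    meta = registry.get(normalize(name))
    if meta is None:
        return "nonexistent"
    age = (today - meta["created"]).days
    if age <= recent_days and meta["releases"] <= 1:  # assumed 'suspicious pattern'
        return "recently-registered"
    if meta["modules"] == 0 and FAMOUS & set(meta["requires"]):
        return "empty-wrapper"  # ships no code of its own, only pulls a famous name
    return "established"

def triage(suggestions, registry, today):
    """suggestions: {model: [names]} -> flagged rows, highest agreement first."""
    seen = {}
    for model, names in suggestions.items():
        for n in names:
            seen.setdefault(normalize(n), set()).add(model)
    rows = []
    for name, models in seen.items():
        status = classify(name, registry, today)
        if status != "established":
            rows.append({"name": name, "status": status, "agreement": len(models)})
    return sorted(rows, key=lambda r: (-r["agreement"], r["name"]))

# Constructed sample data (hypothetical names, fixed date for reproducibility).
TODAY = date(2025, 1, 31)
REGISTRY = {
    "acme-http": {"created": date(2015, 3, 1), "releases": 40,
                  "modules": 12, "requires": []},
    "acme-http-official": {"created": date(2023, 6, 1), "releases": 2,
                           "modules": 0, "requires": ["acme-http"]},
    "acme-ical": {"created": date(2025, 1, 20), "releases": 1,
                  "modules": 1, "requires": []},
}
SUGGESTIONS = {
    "model-a": ["acme-http", "Acme_CSV.Reader", "acme-ical"],
    "model-b": ["acme-csv-reader", "acme-http-official"],
    "model-c": ["acme-csv-reader", "acme-http"],
}

if __name__ == "__main__":
    for row in triage(SUGGESTIONS, REGISTRY, TODAY):
        print(row)
```

Normalizing before counting matters: `Acme_CSV.Reader` and `acme-csv-reader` resolve to the same PyPI project, so they count as one name suggested by three models rather than two unrelated names.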
Bulk package check
Paste package names suggested by an LLM, one per line. Flagged candidates appear below.
| id | purl | risk | summary |
|---|---|---|---|
| VDB-SLOP-pypi-e4149eab27 | pkg:pypi/tartiflette-graphql | high | Slopsquatting candidate: tartiflette-graphql (PyPI) |
| VDB-SLOP-pypi-071d61762a | pkg:pypi/rapidcsv | high | Slopsquatting candidate: rapidcsv (PyPI) |
| VDB-SLOP-pypi-67536728c6 | pkg:pypi/ics.py | high | Slopsquatting candidate: ics.py (PyPI) |
| VDB-SLOP-pypi-2aaf32f9e6 | pkg:pypi/icalparser | high | Slopsquatting candidate: icalparser (PyPI) |
| VDB-SLOP-pypi-3200c6728a | pkg:pypi/cyclonedx-pythonlib | high | Slopsquatting candidate: cyclonedx-pythonlib (PyPI) |
| VDB-SLOP-pypi-998912b914 | pkg:pypi/cyclonedx2json | high | Slopsquatting candidate: cyclonedx2json (PyPI) |
| VDB-SLOP-pypi-f0fec3a01d | pkg:pypi/sbom-parser | high | Slopsquatting candidate: sbom-parser (PyPI) |
| VDB-SLOP-pypi-0e384d6fc1 | pkg:pypi/cyclonedx-cli | high | Slopsquatting candidate: cyclonedx-cli (PyPI) |
| VDB-SLOP-pypi-39ea305eaf | pkg:pypi/opentelemetry-logger | high | Slopsquatting candidate: opentelemetry-logger (PyPI) |
| VDB-SLOP-pypi-35ce3ab5e4 | pkg:pypi/urllib | high | Slopsquatting candidate: urllib (PyPI) |
| VDB-SLOP-pypi-4ef5a6518c | pkg:pypi/urlcanonicalizer | high | Slopsquatting candidate: urlcanonicalizer (PyPI) |
| VDB-SLOP-pypi-85c2b98684 | pkg:pypi/learning-based | high | Slopsquatting candidate: learning-based (PyPI) |
| VDB-SLOP-pypi-faa1dbe8ed | pkg:pypi/icalendar-parser | high | Slopsquatting candidate: icalendar-parser (PyPI) |
| VDB-SLOP-pypi-40ff05d49c | pkg:pypi/ical_feats | high | Slopsquatting candidate: ical_feats (PyPI) |
| VDB-SLOP-pypi-6f6646f5e6 | pkg:pypi/name | high | Slopsquatting candidate: name (PyPI) |
| VDB-SLOP-pypi-a9a51f4eb1 | pkg:pypi/official | high | Slopsquatting candidate: official (PyPI) |
| VDB-SLOP-pypi-ef1bd20dd8 | pkg:pypi/cyclonedx-python-golang | high | Slopsquatting candidate: cyclonedx-python-golang (PyPI) |
| VDB-SLOP-pypi-3474b5d2ac | pkg:pypi/cyclonedx-cfactory | high | Slopsquatting candidate: cyclonedx-cfactory (PyPI) |
| VDB-SLOP-pypi-b609b2d7c2 | pkg:pypi/cyclonedx-jsonschema | high | Slopsquatting candidate: cyclonedx-jsonschema (PyPI) |
| VDB-SLOP-pypi-1bd1d27e8e | pkg:pypi/cyclonedx-python-rcf | high | Slopsquatting candidate: cyclonedx-python-rcf (PyPI) |
| VDB-SLOP-pypi-61e6ced377 | pkg:pypi/cyclonedx-validator | high | Slopsquatting candidate: cyclonedx-validator (PyPI) |
| VDB-SLOP-pypi-5ce6592120 | pkg:pypi/sbom-checker | high | Slopsquatting candidate: sbom-checker (PyPI) |
| VDB-SLOP-pypi-eab1a577e5 | pkg:pypi/vigil-llm | high | Slopsquatting candidate: vigil-llm (PyPI) |
| VDB-SLOP-pypi-6170c4db82 | pkg:pypi/purl-js | high | Slopsquatting candidate: purl-js (PyPI) |
| VDB-SLOP-pypi-95ec2db3cd | pkg:pypi/pyyaml-env | high | Slopsquatting candidate: pyyaml-env (PyPI) |
| VDB-SLOP-pypi-cdca655476 | pkg:pypi/rueml | high | Slopsquatting candidate: rueml (PyPI) |
| VDB-SLOP-pypi-c1165e50ca | pkg:pypi/pyics | high | Slopsquatting candidate: pyics (PyPI) |
| VDB-SLOP-pypi-ad19dcdb10 | pkg:pypi/dateutil | high | Slopsquatting candidate: dateutil (PyPI) |
| VDB-SLOP-pypi-ae9de29953 | pkg:pypi/icalparse | high | Slopsquatting candidate: icalparse (PyPI) |
| VDB-SLOP-pypi-ac083c1346 | pkg:pypi/packageurl | high | Slopsquatting candidate: packageurl (PyPI) |
| VDB-SLOP-pypi-d3b86bb272 | pkg:pypi/cyclonedx-python | high | Slopsquatting candidate: cyclonedx-python (PyPI) |
| VDB-SLOP-pypi-5610a31ca9 | pkg:pypi/cyclonedx-sbom-parser | high | Slopsquatting candidate: cyclonedx-sbom-parser (PyPI) |
| VDB-SLOP-pypi-054e09b7f0 | pkg:pypi/cyclonedx-xml-python | high | Slopsquatting candidate: cyclonedx-xml-python (PyPI) |
| VDB-SLOP-pypi-4f9c1f7162 | pkg:pypi/built-in | high | Slopsquatting candidate: built-in (PyPI) |
| VDB-SLOP-pypi-a217848a85 | pkg:pypi/purl-parse | high | Slopsquatting candidate: purl-parse (PyPI) |