Most-hallucinated package names
| Ecosystem | Name | Status | Hallucinations | Exists? | First seen as hallucination | Registry publish | Downloads / wk |
|---|---|---|---|---|---|---|---|
Active squat alerts
Names first observed as LLM hallucinations and subsequently registered on the registry.
Per-model hallucination rate
Share of extracted package names that don't exist on the target registry.
| Model | Provider | Probes | Extractions | Hallucinated | Rate | Last run |
|---|---|---|---|---|---|---|
Probe prompts
Realistic dev questions we rotate through every cron tick.
| Ecosystem | Tag | Prompt | Runs | Last run |
|---|---|---|---|---|
Check a package name
Public CI endpoint at GET /slopsquat-radar/api/check?ecosystem=npm&name=foo. JSON response, no auth.
How this works
Roughly 20% of LLM-recommended package names don't exist on npm or PyPI. When the same prompt is rerun ten times, ~43% of those hallucinated names appear on every single run — meaning attackers can predict and pre-register them. This pattern is called slopsquatting.
slopsquat-radar runs two engines:
- Probe engine: every hour, sends 5 realistic dev prompts × 3 cheap models via OpenRouter, extracts every package name suggested, and records it.
- Registry watch: every 2 hours, hits the npm and PyPI registries to check whether each seen name actually exists. Compares first-publish dates against first-hallucination sightings to flag potential squats.
All data is real and runtime-fetched. The dashboard, RSS feed, and /api/check endpoint are public and unauthenticated.
Sources: registry.npmjs.org, pypi.org, api.npmjs.org/downloads, pypistats.org, openrouter.ai.
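One way the registry-watch comparison described above could be implemented, as an added example (not slopsquat-radar's own code): it derives a first-publish time from the npm packument's `time.created` and from PyPI's per-file `upload_time_iso_8601`, then compares it with the first-hallucination sighting. The function names, status labels and sample documents are assumptions constructed for illustration.

```python
from datetime import datetime, timezone

def _ts(s):
    # Registry timestamps are ISO 8601 with a trailing "Z"
    return datetime.fromisoformat(s.replace("Z", "+00:00"))

def first_publish(ecosystem, doc):
    """Earliest publish time found in a registry JSON document, or None."""
    if ecosystem == "npm":       # packument: time.created
        created = doc.get("time", {}).get("created")
        return _ts(created) if created else None
    if ecosystem == "pypi":      # earliest upload across all release files
        uploads = [_ts(f["upload_time_iso_8601"])
                   for files in doc.get("releases", {}).values() for f in files]
        return min(uploads) if uploads else None
    raise ValueError(f"unsupported ecosystem: {ecosystem}")

def classify(ecosystem, doc, first_hallucinated):
    """doc is the parsed registry JSON, or None when the registry returned 404.
    Status labels are hypothetical, not the dashboard's own."""
    if doc is None:
        return "unregistered"            # name is still claimable by anyone
    published = first_publish(ecosystem, doc)
    if published is None:
        return "registered-undated"      # name is taken, but no publish date to compare
    if published > first_hallucinated:
        return "potential-squat"         # registered after LLMs began suggesting it
    return "pre-existing"                # a real package the model merely named

# Constructed sample data (not real packages or registry responses)
SEEN = datetime(2025, 3, 1, 12, 0, tzinfo=timezone.utc)
NPM_LATE = {"time": {"created": "2025-03-09T08:15:00.000Z"}}
NPM_OLD = {"time": {"created": "2019-06-02T10:00:00.000Z"}}
PYPI_LATE = {"releases": {
    "0.0.2": [{"upload_time_iso_8601": "2025-04-01T00:00:00.000000Z"}],
    "0.0.1": [{"upload_time_iso_8601": "2025-03-02T09:30:00.000000Z"}],
    "0.0.3": [],                         # release whose files were removed
}}

if __name__ == "__main__":
    for eco, doc in [("npm", NPM_LATE), ("npm", NPM_OLD),
                     ("pypi", PYPI_LATE), ("pypi", None)]:
        print(eco, classify(eco, doc, SEEN))
```

A name that was published only after its first sighting is a lead for review, not proof of malice: a legitimate author may have registered it in the same window.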