AI Hallucination Detector
Catches "phantom packages" — cases where an AI coding assistant (Copilot, Cursor, Claude Code, etc.) confidently suggests importing an npm package that doesn't actually exist.
This is a real supply-chain risk known as slopsquatting: attackers watch for package names that AI tools commonly hallucinate, register them on npm, and fill them with malware. If you npm install a hallucinated name before checking it, you may be installing exactly that.

What it does
- Parses the active JS/TS file with the TypeScript compiler API (not regex) to find every
import, require(), and dynamic import() call.
- Checks each imported package name against a bundled list of AI-hallucinated packages documented in published security research — instantly, with no network request, since an attacker may have already registered the exact name a model tends to suggest.
- Falls back to a live npm registry lookup for anything not already in that list, cached in memory so the same package isn't re-checked on every keystroke — only on file open/save.
- Flags phantom packages with a diagnostic (red squiggle) and an explanatory hover message, sourced to the original research where applicable.
- Offers a quick fix suggesting the real package name, either from the documented "what this was probably confused with" answer, or via string-similarity matching against a list of popular packages (e.g.
axioz → axios).
Example
const shift = require('react-codeshift'); // flagged: documented AI hallucination (Aikido Security, Jan 2026)
const http = require('axioz'); // flagged: not on npm — quick fix suggests "axios"
const real = require('lodash'); // not flagged — real package
Status
Published on the VS Code Marketplace as an early-stage release. It currently covers phantom-package detection for JavaScript/TypeScript + npm only.
Planned next: method/API-level hallucination detection, config/CLI flag checking, and support for other language ecosystems.
Why this, and not just a vulnerability scanner?
Tools like Snyk, Socket.dev, and Aikido check whether a real package has known vulnerabilities. This checks something upstream of that: whether the package the AI just told you to install is real in the first place — live, in the editor, before you ever run npm install.
Issues & feedback
This repository is for documentation and issue tracking. Please open an issue here for bugs, feature requests, or to report a package name that should be added to the known-hallucination list.