PACKAGE GUARD

Stop your AI coding agent from installing packages that don't exist.

In 2026, ~20% of package names LLMs recommend aren't real — and attackers register those hallucinated names ("slopsquatting") to poison agents. Package Guard is the one call an agent makes before npm install to check a package is real, safe, and the one it actually meant.

Free · Deterministic — no LLM · OSV.dev + npm/PyPI · HTTP + MCP

The tools

| Endpoint | What it does |
| --- | --- |
| /api/verify-package | The guard. Exists? (else hallucination/slopsquat + "did you mean") · vulns & malware · slopsquat-risk · deprecated · license → a verdict |
| /api/check-vulns | Known vulnerabilities + malware advisories for name@version (OSV) |
| /api/package-info | latest · deprecated · license · repo · weekly downloads · age |
| /api/audit-deps | Batch-audit a whole dependency list (?packages=… or POST package.json / requirements.txt) |
| /api/typosquat-scan | Generate lookalike names + flag which are registered & suspicious |
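
The exists / "did you mean" / lookalike part of a check like /api/verify-package can be reproduced offline as follows. This is an added example, not Package Guard's code: the registry snapshot, download counts, verdict strings, function names and thresholds are all assumptions made for illustration.

```javascript
// Added illustration, not Package Guard's code. KNOWN is a constructed registry
// snapshot (name -> weekly downloads); names and counts are made up for the demo.
const KNOWN = new Map([
  ["express", 30000000], ["lodash", 50000000], ["react", 25000000],
  ["expres", 40], // constructed lookalike entry
]);
const POPULARITY_RATIO = 1000; // assumed threshold for "far more popular"
// Collapse case and separators so "Lo_Dash" and "lodash" compare equal.
const skeleton = (name) => name.toLowerCase().replace(/[-_.]/g, "");

// Levenshtein distance with two rolling rows.
function editDistance(a, b) {
  let prev = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    const cur = [i];
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      cur[j] = Math.min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost);
    }
    prev = cur;
  }
  return prev[b.length];
}

// Most-downloaded other package within maxDist edits of name, or null.
function nearest(name, registry, maxDist) {
  let best = null;
  for (const [other, downloads] of registry) {
    if (other === name) continue;
    if (editDistance(skeleton(name), skeleton(other)) > maxDist) continue;
    if (!best || downloads > best.downloads) best = { name: other, downloads };
  }
  return best;
}

// Hypothetical verdicts: "ok", "suspicious" (lookalike of a far more popular
// package), "not_found" (likely hallucinated; do not install, offer a suggestion).
function checkPackage(name, registry = KNOWN) {
  if (!registry.has(name)) {
    const hit = nearest(name, registry, 2);
    return { verdict: "not_found", didYouMean: hit ? hit.name : null };
  }
  const hit = nearest(name, registry, 1);
  const mine = Math.max(registry.get(name), 1);
  if (hit && hit.downloads >= POPULARITY_RATIO * mine) {
    return { verdict: "suspicious", didYouMean: hit.name };
  }
  return { verdict: "ok", didYouMean: null };
}
```

An agent would run a check of this kind on every name it is about to install and proceed only on "ok"; a registered name is not enough, since the lookalike entry above exists and is still flagged.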

Use it from an agent (MCP)

{ "mcpServers": { "package-guard": { "command": "npx", "args": ["-y", "package-guard-mcp"] } } }

Or call the HTTP endpoints directly — GET, JSON out, CORS open.

Why it exists

The Stanford AI Index named automated dependency installation a top-3 new attack surface for autonomous agents in 2026. Incumbent scanners (Snyk, Socket) are paid, heavyweight, human-CI tools — not something an agent calls in-loop, for free, before every install. This is. All data is public and read-only (OSV.dev, npm, PyPI); same input → same output.