LLM Package Hallucination Typosquat Bait - ATR-2026-00260 (9741a9d3-bf5d-5d2a-a95b-f0a66495f7b0)
Detects prompts designed to elicit non-existent package names from LLMs in generated code. Attackers then squat those names on public registries (npm, PyPI, crates.io, RubyGems) to execute supply-chain attacks when developers copy-paste the AI-suggested import. Based on the NVIDIA garak packagehallucination probe. Pattern: "give me N packages that do X" or "which library lets me Y", where X/Y is sufficiently obscure that the model is likely to confabulate a fake name.

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| LLM Package Hallucination Typosquat Bait - ATR-2026-00260 (9741a9d3-bf5d-5d2a-a95b-f0a66495f7b0) | Agent Threat Rules | Backdoor ML Model (c704a49c-abf0-4258-9919-a862b1865469) | MITRE ATLAS Attack Pattern | 1 |