Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

SlopGuard - AI Hallucination Detection for Package Dependencies - 1796

aditya01933 - Posted 3 Months Ago
  • AI coding assistants can hallucinate non-existent package names. According to studies, somewhere between 5% and 21% of the package names they suggest are bad, and 58% of these recurred across multiple sessions.
  • In the past, typosquatting was a thing: an attacker creates packages named after common misspellings of a real package so that the developer installs code they did not intend to install. This is the same thing but for AI-generated code. The attacker monitors AI output for commonly hallucinated package names and registers those names on PyPI, npm, RubyGems and other registries. By doing this, AI-generated code can be tricked into installing malicious packages.
  • This website is a tool that provides a lazy-loading trust scoring system with different tiers. Tier 1 scores a package on downloads, age and version history. Tier 2 does dependency analysis. Tier 3 does a deep analysis of maintainer reputation, email domain verification and GitHub detection. It claims to have very good accuracy and to solve the problem. Under the hood, it's just a simple open source tool that does the scanning, and it even has GitHub CI integration support. Pretty neat!