Stop AI from importing packages that don't exist
AI assistants confidently suggest library names they invented. Attackers watch for those names and register them. Guard checks the dependencies your AI introduces, so risky ones surface before they become an entry point.
1 repo · setup in about 5 minutes · no card, no commitment
01
The hallucinated-package problem
When an AI suggests a plausible-sounding package that was never published, an attacker can register that exact name and wait for someone to install it. The code looks normal, the import resolves, and a dependency you never vetted is now running in production. This attack has a name: dependency confusion. AI assistants make it far easier to trigger.
02
What Guard checks on every dependency
Each audit treats the dependency tree as an attack surface:
- Packages that do not exist or were only just registered
- Abandoned and unmaintained libraries with known risk
- Dependencies pulled in by AI without anyone reviewing them
- Lockfile and version drift across the project
- Transitive packages that quietly expand the supply chain
03
Verification when dependency changes land, not once a quarter
New dependencies arrive with AI-assisted commits. Guard re-checks the supply chain on your cadence and as the repo changes, so risky packages surface close to the change that introduced them.
04
From flagged package to fix
A flagged dependency comes back as a reviewable GitHub issue explaining the risk in plain language. When a fix is bounded and useful, Guard can open a pull request that removes or replaces it for human review.
Quick questions
How common are hallucinated packages, really?
Common enough to be a known attack vector: assistants invent plausible names, and attackers register them and wait. It does not have to be frequent for one bad install to matter.
Do you produce an SBOM or replace supply-chain security tools?
Guard builds a repo-level dependency inventory and uses SBOM evidence when it exists. It is not a replacement for formal SBOM supply-chain security governance; it keeps AI-era package risk close to the code that introduced it.
Does it catch secrets leaked into code or config?
Guard complements secret scanning for AI-generated code by flagging suspicious secret-like values and unsafe config during security, tech-health, and AI-readiness audits, including agent-facing files when they are in scope. Values are redacted; the finding is the risky path.
Can it remove or replace a risky package for me?
By default it flags the risk as an issue. If an enabled fix flow can make a small, safe change, Guard can open a pull request for review; larger dependency decisions stay as planned work.
Shield your supply chain from AI's guesses.
Connect a repo and get your first dependency report in a few minutes. No card.
Enji Guard