How AI-generated code can introduce security risks through ‘slopsquatting’ — and how to prevent it

As artificial intelligence becomes increasingly integrated into software development workflows, a new security threat has emerged: “slopsquatting.” This risk affects any organization using AI tools to generate code, making it crucial for development teams to understand and address this vulnerability.

What is Slopsquatting?

According to a recent BleepingComputer article , security researcher Seth Larson coined the term “slopsquatting” as a variation of typosquatting.

Typosquatting is a well-known attack method that exploits human typing errors. While it commonly affects everyday internet users who misspell URLs and end up on malicious websites, it also targets developers who might mistype package names when installing dependencies.

Slopsquatting, however, is a new threat that specifically targets developers using AI coding assistants. Instead of relying on human typing errors, it exploits a different vulnerability: AI hallucinations.

When large language models (LLMs) generate code, they sometimes “hallucinate” – creating references to packages that don’t exist or inadvertently suggesting malicious ones. Threat actors can then create harmful packages with these AI-suggested names on repositories like PyPI and npm, waiting for unsuspecting developers to install them.

The scale of this problem is significant. Socket researchers found that “58% of hallucinated packages were repeated more than once across ten runs, indicating that a majority of hallucinations are not just random noise, but repeatable artifacts of how the models respond to certain prompts.”

A Simple but Effective Prevention Strategy

The good news is that slopsquatting can be prevented through proper oversight and expertise. Organizations should implement clear standards requiring:

1. Subject Matter Expertise: Anyone using AI for coding must have expertise in the programming languages and frameworks they’re working with. AI should enhance capabilities, not replace fundamental knowledge.
2. Thorough Code Review: All AI-generated code must undergo comprehensive review by experienced developers before implementation. This includes verifying all package dependencies and imports.
3. Security Best Practices:
   1. Follow your organization’s policies regarding proprietary code and AI tools – public AI services require extra caution
   2. Always validate AI-generated code before use
   3. Verify all package names and dependencies against official repositories
   4. Question any unfamiliar packages suggested by AI

Why This Matters

AI tools are powerful productivity enhancers for software development. When used correctly, they can accelerate coding, reduce errors, and help developers explore new solutions. However, like any tool, they require skilled operation and appropriate safeguards.

By ensuring that AI-generated code undergoes the same rigorous review process as human-written code – with particular attention to package dependencies – organizations can harness the benefits of AI while protecting against emerging threats like slopsquatting.

Moving Forward

As AI continues to evolve, so too will the security challenges it presents. Organizations must stay informed about emerging threats and maintain robust security practices. The key is not to avoid AI tools but to use them responsibly with appropriate expertise and oversight.

For development teams looking to safely integrate AI into their workflows, consider establishing clear policies that balance innovation with security. Remember: AI is a powerful assistant, but human expertise remains irreplaceable when it comes to ensuring code security and integrity.