Slopsquatting: Your Coding Agent Is a Supply-Chain Attack Vector
Slopsquatting is a supply-chain attack emerging from AI coding agents. Learn how LineageLens Trellis mitigates this risk.
A new category of supply-chain attack, known as slopsquatting, arises from AI coding agents. These agents generate fictitious package names, which attackers exploit by registering them with malicious hooks. Traditional code reviews fail to catch these threats since the harmful code isn't present in diffs, but rather in the registry. LineageLens Trellis addresses this issue by implementing separate checks for manifest edits, enhancing security against such attacks.