AI Agents Expose Ghost Dependencies In Software Supply Chains

Tianchu Chen of Tencent Xuanwu Lab reports that agentic coding workflows enable a class of software supply-chain risks termed "Ghost Dependencies," in which LLMs introduce outdated component versions and fabricate non-existent package names. Experiments show package-name hallucination rates of up to 40% and frequently outdated versions; the team proposes a Pre-Execution Hooks defense and publishes a plugin, Atuin, on Tencent Cloud CodeBuddy.
Scoring Rationale
Empirical discovery of pervasive, exploitable supply-chain risks with a mitigation plugin; limited independent validation limits certainty.

