AI Agents Expose Ghost Dependencies In Software Supply Chains

Tianchu Chen of Tencent Xuanwu Lab reports that agentic coding workflows enable a class of software supply-chain risks termed "Ghost Dependencies," where LLMs introduce outdated component versions and fabricate non-existent package names. Experiments show hallucination rates up to 40% and frequent outdated versions, and the team proposes a Pre-Execution Hooks defense and publishes a plugin, Atuin, on Tencent Cloud CodeBuddy.
Key Points
- 1Detect Ghost Dependencies: LLMs introduce outdated component versions and fabricate nonexistent package names during agentic coding
- 2Increase attack surface: Predictable hallucinations and stale versions enable N-day exploits and package poisoning
- 3Require pre-execution validation: implement hooks or plugins to block malicious installs and verify dependencies
Scoring Rationale
Empirical discovery of pervasive, exploitable supply-chain risks with a mitigation plugin; limited independent validation limits certainty.
Sources
Public references used for this report.
Practice with real Logistics & Shipping data
90 SQL & Python problems · 15 industry datasets
250 free problems · No credit card
See all Logistics & Shipping problems

