@andrewnez @sethmlarson

I don’t mean to ruin the party, but this attack technique is actually called “package hallucination” — a term and concept I introduced two years ago. I’ve published two research pieces on it, and it's now recognized as a resource under the OWASP Top 10 for LLMs, specifically under the "Misinformation" category. You can check out my latest work here:
https://www.lasso.security/blog/ai-package-hallucinations