verify_lockfile
Scan entire lockfiles for hallucinated, typosquatted, or suspicious packages before running install. Verify dependencies up front rather than trusting LLM-generated lockfiles.
Instructions
Scan an entire lockfile (direct and transitive dependencies) for hallucinated, typosquatted, or suspicious packages BEFORE running install. Call this instead of trusting an LLM-generated lockfile.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| format | Yes | | |
| ecosystem | No | Optional; inferred from format. | |
| lockfile_content | Yes | Raw lockfile text (not a path). | |