5小时前 当 AI Coding 编出不存在的包:53 个可注册幻觉依赖如何变成供应链入口https://mp.weixin.qq.com/s/K0UewnTMhH-br6sFA8Hd_whttps://arxiv.org/abs/2605.17062思路打开.jpg arXiv.org The Range Shrinks, the Threat Remains: Re-evaluating LLM Package... Spracklen et al. (USENIX Security '25) showed that code-generating large language models hallucinate package names that do not exist on PyPI or npm at rates ranging from 5.2% on commercial models...