supply chain security

Detecting Typosquatting Packages in npm and PyPI

Detects typosquatting attacks in npm and PyPI package registries by analyzing package name similarity using Levenshtein distance and other string metrics, examining publish date heuristics to identify recently created packages mimicking established ones, and flagging download count anomalies where suspicious packages have disproportionately low usage compared to their legitimate targets. The analyst queries the PyPI JSON API and npm registry API to gather package metadata for automated comparison. Activates for requests involving package typosquatting detection, dependency confusion analysis, malicious package identification, or software supply chain threat hunting in package registries.

dependency-confusionlevenshteinmalicious-packagesnpmpackage-securitypypisupply-chaintyposquatting
Install this skill
npx skills add mukul975/Anthropic-Cybersecurity-Skills
Framework mappings

When to Use

  • Auditing project dependencies to identify packages whose names are suspiciously similar to popular libraries
  • Proactively scanning package registries for newly published packages that may be typosquats of your organization's packages
  • Investigating a suspected supply chain compromise where a developer installed a misspelled package name
  • Building automated monitoring that alerts when new packages appear with names close to critical dependencies
  • Assessing the risk profile of unfamiliar packages before adding them to a project's dependency tree

Do not use as the sole determination of malicious intent; name similarity alone does not prove a package is malicious. Do not use for bulk automated takedown requests without manual review of flagged packages. Do not use against private registries without authorization.

Prerequisites

  • Python 3.9+ with requests and python-Levenshtein (or rapidfuzz) packages installed
  • Network access to https://pypi.org/pypi/<package>/json (PyPI JSON API) and https://registry.npmjs.org/<package> (npm registry API)
  • A list of popular or critical packages to monitor (e.g., top 1000 PyPI packages, organization's dependency list)
  • Understanding of common typosquatting patterns: character omission, transposition, insertion, substitution, and hyphen/underscore manipulation

Workflow

Step 1: Build the Target Package Watchlist

Establish the set of legitimate packages to monitor for typosquats:

  • Extract project dependencies: Parse requirements.txt, Pipfile.lock, package.json, or package-lock.json to extract all direct and transitive dependency names
  • Include popular packages: Supplement with high-value targets from the top 1000 PyPI downloads (available from https://hugovk.github.io/top-pypi-packages/) or top npm packages by download count
  • Add organization packages: Include any packages published by your organization that attackers might target with typosquats to intercept internal installations
  • Normalize names: PyPI treats hyphens, underscores, and periods as equivalent (PEP 503 normalization: re.sub(r"[-_.]+", "-", name).lower()). npm package names are case-sensitive but scoped packages use @scope/name format. Normalize before comparison.

Step 2: Generate Candidate Typosquat Names

Produce potential typosquat variants for each target package:

  • Character omission: Remove each character one at a time (requests -> rquests, requets, reqests)
  • Character transposition: Swap adjacent characters (requests -> erquests, rqeuests, reques ts)
  • Character substitution: Replace characters with keyboard-adjacent keys using a QWERTY distance map (requests -> rrquests, requesta)
  • Character insertion: Insert common characters at each position (requests -> rrequests, reqquests)
  • Separator manipulation: For hyphenated names, try removing, doubling, or replacing separators (my-package -> mypackage, my--package, my_package)
  • Common prefix/suffix attacks: Prepend or append common strings (python-requests, requests-python, requests2, requests-lib)

Step 3: Query Registry APIs for Candidate Packages

Check whether generated candidate names actually exist in the registry:

  • PyPI JSON API: Send GET https://pypi.org/pypi/<candidate>/json for each candidate. A 200 response means the package exists; 404 means it does not. Extract from the response: info.name, info.version, info.author, info.summary, info.home_page, info.project_urls, and releases (keyed by version with upload_time_iso_8601 timestamps).
  • npm registry API: Send GET https://registry.npmjs.org/<candidate> with Accept: application/json. Extract: name, description, dist-tags.latest, time.created, time.modified, maintainers, and versions.
  • Rate limiting: PyPI has no published rate limits but respect reasonable request rates (1-2 requests/second). npm registry returns 429 when rate limited; implement exponential backoff.
  • Batch optimization: For large candidate lists, parallelize requests with connection pooling (requests.Session) and limit concurrency to avoid triggering abuse protections.

Step 4: Analyze Package Metadata for Suspicion Signals

Score each existing candidate package against multiple heuristic signals:

  • Levenshtein distance: Calculate the edit distance between the candidate name and the target. Packages with distance 1-2 from a popular package are high-priority suspects. Historical analysis shows 18 of 40 known typosquats had Levenshtein distance of 2 or less from their targets.
  • Publish date recency: Compare the candidate's first publish date against the target's. A package created years after its near-namesake is more suspicious. Flag packages created within the last 90 days that are similar to packages published years ago.
  • Download count disparity: Compare weekly downloads. Legitimate similarly-named packages typically have comparable or explainable download counts. A package with 50 downloads versus its near-namesake with 5 million downloads is suspicious. PyPI download stats are available via BigQuery (pypistats.org/api/); npm provides download counts at https://api.npmjs.org/downloads/point/last-week/<package>.
  • Author and maintainer analysis: Check if the candidate package author matches the legitimate package author. Different authors for near-identical names increase suspicion.
  • Description similarity: Compare package descriptions. Typosquats frequently copy or closely paraphrase the target package description to appear legitimate.
  • Version count: Legitimate packages typically have many versions over time. A package with only 1-2 versions and a name similar to a popular package is suspicious.
  • Repository URL analysis: Check if the candidate links to the same repository as the target (likely legitimate fork/mirror) or has no repository URL (suspicious).

Step 5: Score, Rank, and Report Findings

Combine signals into a composite risk score and generate an actionable report:

  • Weighted scoring: Assign weights to each signal. Example: Levenshtein distance 1 = 40 points, Levenshtein distance 2 = 25 points, created < 90 days ago = 15 points, download ratio < 0.001 = 15 points, different author = 10 points, single version = 5 points. Total score out of 100.
  • Threshold classification: Score >= 70: HIGH risk (likely typosquat), 40-69: MEDIUM risk (requires manual review), < 40: LOW risk (likely legitimate)
  • Generate report: For each flagged package, include the target it mimics, all signal values, the composite score, direct links to both packages on the registry, and a recommendation (block, investigate, or allow)
  • Actionable output: Produce a blocklist of flagged package names that can be imported into package manager deny-lists, CI/CD policy engines, or artifact repository proxy rules

Key Concepts

Term Definition
Typosquatting Registering a package name that closely resembles a popular package, exploiting common typos to trick developers into installing malicious code
Levenshtein Distance The minimum number of single-character edits (insertions, deletions, substitutions) required to transform one string into another; the primary metric for measuring name similarity
Dependency Confusion A broader supply chain attack where attackers publish malicious packages to public registries with names matching private internal packages, exploiting package manager resolution order
PEP 503 Normalization The Python packaging specification that treats hyphens, underscores, and periods as equivalent in package names, meaning my-package, my_package, and my.package resolve to the same package
QWERTY Distance A keyboard-layout-aware distance metric measuring how far apart two keys are on a standard keyboard, used to detect substitutions from adjacent key mistyping
Combosquatting A variant of typosquatting where attackers prepend or append common words to a package name (e.g., requests-security, python-requests)
StarJacking An attack where a typosquat package links its repository URL to the legitimate package's GitHub repository to inflate apparent credibility

Tools & Systems

  • PyPI JSON API: REST API at https://pypi.org/pypi/<package>/json returning package metadata including name, author, versions, upload timestamps, and project URLs
  • npm Registry API: REST API at https://registry.npmjs.org/<package> returning package metadata including maintainers, version history, creation timestamps, and distribution info
  • python-Levenshtein / rapidfuzz: Python libraries for fast string distance computation, supporting Levenshtein, Damerau-Levenshtein, Jaro-Winkler, and other similarity metrics
  • pypistats.org API: Provides download statistics for PyPI packages, enabling download count comparison between suspected typosquats and their targets
  • npm download counts API: Endpoint at https://api.npmjs.org/downloads/point/<period>/<package> providing download statistics for npm packages

Common Scenarios

Scenario: Auditing a Python Project for Typosquatted Dependencies

Context: A security team discovers that a developer's workstation was compromised after installing a Python package. The incident response team needs to audit all project dependencies for potential typosquats and establish ongoing monitoring.

Approach:

  1. Parse requirements.txt and Pipfile.lock to extract all 87 direct and transitive dependencies
  2. Generate typosquat candidates for each dependency using character omission, transposition, substitution, and separator manipulation, producing approximately 2,400 candidate names
  3. Query the PyPI JSON API for each candidate, finding 34 that actually exist as published packages
  4. Score each existing candidate: 3 packages score above 70 (HIGH risk) with Levenshtein distance 1, created within the last 60 days, single version, and fewer than 100 downloads
  5. Manual review confirms 2 of the 3 are malicious typosquats containing obfuscated code that exfiltrates environment variables during installation
  6. Block the malicious packages in the organization's artifact proxy, report to PyPI for takedown via security@pypi.org, and add all 87 dependencies to the ongoing monitoring watchlist
  7. Implement the detection agent as a scheduled CI job that runs weekly and alerts on new HIGH-risk findings

Pitfalls:

  • Not normalizing PyPI package names per PEP 503 before comparison, causing missed matches between hyphenated and underscored variants
  • Setting the Levenshtein distance threshold too low (only 1) and missing typosquats at distance 2 that use double substitutions
  • Relying solely on name similarity without checking metadata signals, leading to high false positive rates on legitimately similar package names
  • Not accounting for npm scoped packages (@scope/name) which have different naming rules than unscoped packages
  • Querying the registries too aggressively and getting rate-limited or IP-blocked

Output Format

## Typosquatting Detection Report
 
**Scan Date**: 2026-03-19
**Registry**: PyPI
**Packages Monitored**: 87
**Candidates Generated**: 2,412
**Candidates Found in Registry**: 34
**Flagged as Suspicious**: 5
 
### HIGH Risk (Score >= 70)
 
| Suspect Package | Target Package | Levenshtein | Created | Downloads | Score |
|----------------|---------------|-------------|---------|-----------|-------|
| reqeusts       | requests      | 1           | 2026-02-28 | 43     | 92    |
| requsets       | requests      | 1           | 2026-03-01 | 12     | 88    |
| numpyy         | numpy         | 1           | 2026-01-15 | 67     | 78    |
 
### Recommendation
- BLOCK: reqeusts, requsets, numpyy (add to artifact proxy deny-list)
- REPORT: Submit malware reports to security@pypi.org with package names and evidence
- MONITOR: Continue weekly scans for the full dependency watchlist
Source materials

References and resources

Everything below is rendered for inspection. Script files are read-only and never run.

References 1

api-reference.md5.5 KB

API Reference: Typosquatting Detection Agent for npm and PyPI

Overview

Detects typosquatting attacks in npm and PyPI package registries by generating candidate typosquat names using string manipulation techniques, querying registry APIs to check which candidates exist, and scoring each against multiple heuristic signals including Levenshtein distance, publish date recency, download count disparity, author mismatch, and version count. Produces risk-scored reports for security review.

Dependencies

Package Version Purpose
requests >=2.28 HTTP requests to PyPI and npm registry APIs
python-Levenshtein >=0.21 Fast Levenshtein distance computation (optional; pure-Python fallback included)
rapidfuzz >=3.0 Alternative fast string distance library (optional)

CLI Usage

# Scan for typosquats of a single PyPI package
python agent.py scan requests --registry pypi
 
# Scan for typosquats of an npm package
python agent.py scan express --registry npm
 
# Scan with limited candidate count
python agent.py scan numpy --registry pypi --max-candidates 50
 
# Scan all dependencies in a requirements file
python agent.py scan-file requirements.txt --registry pypi
 
# Scan all dependencies in a package.json
python agent.py scan-file package.json --registry npm
 
# Check a specific candidate against a target
python agent.py check reqeusts requests --registry pypi
 
# Generate typosquat candidates without querying registries
python agent.py generate requests
 
# Custom output path
python agent.py scan flask --registry pypi --output flask_typosquat_report.json

Arguments

Argument Required Description
command Yes Subcommand: scan, scan-file, check, generate
package For scan/generate Target package name to analyze
file For scan-file Path to requirements.txt, package.json, or similar
candidate For check Candidate package name to evaluate
target For check Legitimate target package name to compare against
--registry No Registry to scan: pypi or npm (default: pypi)
--max-candidates No Maximum number of candidates to check per package
--output No Output report path (default: typosquat_report.json)

Key Functions

generate_typosquat_candidates(name)

Generates potential typosquat variants using character omission, transposition, duplication, QWERTY keyboard-adjacent substitution, separator manipulation, and common prefix/suffix combosquatting. Returns a sorted list of unique candidate strings.

query_pypi_package(name, delay)

Queries GET https://pypi.org/pypi/<name>/json and parses name, version, author, summary, version count, and first/latest upload timestamps from the response. Returns None for non-existent packages (HTTP 404).

query_npm_package(name, delay)

Queries GET https://registry.npmjs.org/<name> and parses name, description, maintainers, version count, created/modified timestamps, license, and repository URL. Handles HTTP 429 rate limiting with exponential backoff.

get_pypi_downloads(name)

Queries https://pypistats.org/api/packages/<name>/recent to retrieve last-week download count for download disparity analysis.

get_npm_downloads(name)

Queries https://api.npmjs.org/downloads/point/last-week/<name> to retrieve last-week download count.

compute_suspicion_score(candidate_meta, target_meta, target_name, registry)

Computes a weighted suspicion score (0-100) combining six signals: Levenshtein distance (up to 40pts), publish recency (up to 15pts), download ratio (up to 15pts), different author (10pts), low version count (5pts), and missing repository URL (5pts). Returns the score and a signal breakdown dictionary.

classify_risk(score)

Maps composite score to risk level: HIGH (>=70), MEDIUM (40-69), LOW (<40).

scan_package(target_name, registry, max_candidates)

End-to-end scan: fetches target metadata, generates candidates, queries registry for each, scores existing candidates, and returns ranked results sorted by descending score.

scan_dependency_file(filepath, registry, max_candidates_per_pkg)

Parses a dependency file (requirements.txt, package.json, Pipfile), extracts package names, and runs scan_package for each. Returns aggregated results with high/medium/low summary counts.

normalize_pypi_name(name)

Normalizes PyPI package names per PEP 503: replaces hyphens, underscores, and periods with a single hyphen and lowercases the result.

Registry API Endpoints Used

Endpoint Method Purpose
https://pypi.org/pypi/<name>/json GET PyPI package metadata (info, releases, URLs)
https://registry.npmjs.org/<name> GET npm package metadata (versions, time, maintainers)
https://pypistats.org/api/packages/<name>/recent GET PyPI download statistics
https://api.npmjs.org/downloads/point/last-week/<name> GET npm download statistics

Scoring Weights

Signal Condition Points
Levenshtein distance Distance = 1 40
Levenshtein distance Distance = 2 25
Levenshtein distance Distance = 3 10
Publish recency Created <= 90 days ago 15
Publish recency Created <= 180 days ago 8
Download ratio candidate/target < 0.001 15
Download ratio candidate/target < 0.01 8
Author mismatch Different author/maintainer 10
Version count <= 2 versions 5
Repository URL Missing 5

Scripts 1

agent.py19.8 KB
Display-only source. This catalog never executes bundled scripts.
#!/usr/bin/env python3
"""Typosquatting Detection Agent - Detects typosquatting packages in npm and PyPI
registries using Levenshtein distance analysis, publish date heuristics, and
download count anomalies."""

import json
import logging
import argparse
import re
import time
from datetime import datetime, timezone
from pathlib import Path

import requests

try:
    from Levenshtein import distance as levenshtein_distance
except ImportError:
    # Fallback pure-Python Levenshtein implementation
    def levenshtein_distance(s1, s2):
        if len(s1) < len(s2):
            return levenshtein_distance(s2, s1)
        if len(s2) == 0:
            return len(s1)
        prev_row = range(len(s2) + 1)
        for i, c1 in enumerate(s1):
            curr_row = [i + 1]
            for j, c2 in enumerate(s2):
                insertions = prev_row[j + 1] + 1
                deletions = curr_row[j] + 1
                substitutions = prev_row[j] + (c1 != c2)
                curr_row.append(min(insertions, deletions, substitutions))
            prev_row = curr_row
        return prev_row[-1]


logging.basicConfig(level=logging.INFO, format="%(asctime)s [%(levelname)s] %(message)s")
logger = logging.getLogger(__name__)

PYPI_API = "https://pypi.org/pypi/{}/json"
NPM_API = "https://registry.npmjs.org/{}"
NPM_DOWNLOADS_API = "https://api.npmjs.org/downloads/point/last-week/{}"
PYPISTATS_API = "https://pypistats.org/api/packages/{}/recent"

SESSION = requests.Session()
SESSION.headers.update({"Accept": "application/json", "User-Agent": "typosquat-detector/1.0"})


def normalize_pypi_name(name):
    """Normalize a PyPI package name per PEP 503."""
    return re.sub(r"[-_.]+", "-", name).lower()


def generate_typosquat_candidates(name):
    """Generate potential typosquat variants of a package name.

    Produces candidates via character omission, transposition, insertion,
    substitution (keyboard-adjacent), and separator manipulation.
    """
    candidates = set()
    lower_name = name.lower()

    # Character omission: remove each character one at a time
    for i in range(len(lower_name)):
        candidate = lower_name[:i] + lower_name[i + 1:]
        if candidate and candidate != lower_name:
            candidates.add(candidate)

    # Character transposition: swap adjacent characters
    for i in range(len(lower_name) - 1):
        chars = list(lower_name)
        chars[i], chars[i + 1] = chars[i + 1], chars[i]
        candidate = "".join(chars)
        if candidate != lower_name:
            candidates.add(candidate)

    # Character duplication: double each character
    for i in range(len(lower_name)):
        candidate = lower_name[:i] + lower_name[i] + lower_name[i:]
        if candidate != lower_name:
            candidates.add(candidate)

    # Keyboard-adjacent substitution (QWERTY layout)
    qwerty_neighbors = {
        "q": "wa", "w": "qeas", "e": "wrds", "r": "etfs", "t": "ryg",
        "y": "tuh", "u": "yij", "i": "uok", "o": "ipl", "p": "ol",
        "a": "qwsz", "s": "wedxza", "d": "erfcxs", "f": "rtgvcd",
        "g": "tyhbvf", "h": "yujng", "j": "uikmh", "k": "ioljm",
        "l": "opk", "z": "asx", "x": "zsdc", "c": "xdfv", "v": "cfgb",
        "b": "vghn", "n": "bhjm", "m": "njk",
    }
    for i, ch in enumerate(lower_name):
        for neighbor in qwerty_neighbors.get(ch, ""):
            candidate = lower_name[:i] + neighbor + lower_name[i + 1:]
            if candidate != lower_name:
                candidates.add(candidate)

    # Separator manipulation for hyphenated/underscored names
    if "-" in lower_name or "_" in lower_name:
        candidates.add(lower_name.replace("-", "").replace("_", ""))
        candidates.add(lower_name.replace("-", "_"))
        candidates.add(lower_name.replace("_", "-"))
        candidates.add(lower_name.replace("-", "--"))

    # Common prefix/suffix combosquatting
    for affix in ["python-", "py-", "-python", "-py", "-lib", "-sdk", "2", "3"]:
        if affix.startswith("-"):
            candidates.add(lower_name + affix)
        else:
            candidates.add(affix + lower_name)

    # Remove the original name if present
    candidates.discard(lower_name)
    candidates.discard(name)

    return sorted(candidates)


def query_pypi_package(name, delay=0.5):
    """Query the PyPI JSON API for package metadata.

    Returns parsed metadata or None if the package does not exist.
    """
    url = PYPI_API.format(name)
    try:
        time.sleep(delay)
        resp = SESSION.get(url, timeout=15)
        if resp.status_code == 404:
            return None
        resp.raise_for_status()
        data = resp.json()
        info = data.get("info", {})
        releases = data.get("releases", {})

        # Find first and latest upload times
        upload_times = []
        for version_files in releases.values():
            for f in version_files:
                if f.get("upload_time_iso_8601"):
                    upload_times.append(f["upload_time_iso_8601"])

        first_upload = min(upload_times) if upload_times else None
        latest_upload = max(upload_times) if upload_times else None

        return {
            "registry": "pypi",
            "name": info.get("name", name),
            "version": info.get("version"),
            "author": info.get("author"),
            "author_email": info.get("author_email"),
            "summary": info.get("summary"),
            "home_page": info.get("home_page"),
            "project_url": info.get("project_url"),
            "requires_python": info.get("requires_python"),
            "license": info.get("license"),
            "version_count": len(releases),
            "first_upload": first_upload,
            "latest_upload": latest_upload,
            "exists": True,
        }
    except requests.RequestException as e:
        logger.warning("PyPI query failed for %s: %s", name, e)
        return None


def query_npm_package(name, delay=0.5):
    """Query the npm registry API for package metadata.

    Returns parsed metadata or None if the package does not exist.
    """
    url = NPM_API.format(name)
    try:
        time.sleep(delay)
        resp = SESSION.get(url, timeout=15)
        if resp.status_code == 404:
            return None
        if resp.status_code == 429:
            logger.warning("npm rate limited, waiting 10 seconds")
            time.sleep(10)
            resp = SESSION.get(url, timeout=15)
        resp.raise_for_status()
        data = resp.json()
        time_info = data.get("time", {})
        maintainers = data.get("maintainers", [])

        return {
            "registry": "npm",
            "name": data.get("name", name),
            "description": data.get("description"),
            "dist_tags_latest": data.get("dist-tags", {}).get("latest"),
            "created": time_info.get("created"),
            "modified": time_info.get("modified"),
            "maintainers": [m.get("name") for m in maintainers],
            "version_count": len(data.get("versions", {})),
            "license": data.get("license"),
            "homepage": data.get("homepage"),
            "repository": data.get("repository", {}).get("url") if isinstance(data.get("repository"), dict) else data.get("repository"),
            "exists": True,
        }
    except requests.RequestException as e:
        logger.warning("npm query failed for %s: %s", name, e)
        return None


def get_pypi_downloads(name):
    """Get recent download stats for a PyPI package from pypistats.org."""
    url = PYPISTATS_API.format(name)
    try:
        resp = SESSION.get(url, timeout=10)
        if resp.status_code != 200:
            return None
        data = resp.json().get("data", {})
        return data.get("last_week", 0)
    except requests.RequestException:
        return None


def get_npm_downloads(name):
    """Get last-week download count for an npm package."""
    url = NPM_DOWNLOADS_API.format(name)
    try:
        resp = SESSION.get(url, timeout=10)
        if resp.status_code != 200:
            return None
        return resp.json().get("downloads", 0)
    except requests.RequestException:
        return None


def compute_suspicion_score(candidate_meta, target_meta, target_name, registry):
    """Compute a weighted suspicion score for a candidate typosquat package.

    Signals:
    - Levenshtein distance (1 = 40pts, 2 = 25pts, 3 = 10pts)
    - Publish recency: created within 90 days = 15pts
    - Download ratio: candidate/target < 0.001 = 15pts
    - Different author/maintainer = 10pts
    - Low version count (<=2) = 5pts
    - No repository URL = 5pts
    """
    score = 0
    signals = {}
    candidate_name = candidate_meta.get("name", "")

    # Levenshtein distance
    if registry == "pypi":
        dist = levenshtein_distance(
            normalize_pypi_name(candidate_name),
            normalize_pypi_name(target_name),
        )
    else:
        dist = levenshtein_distance(candidate_name.lower(), target_name.lower())

    signals["levenshtein_distance"] = dist
    if dist == 1:
        score += 40
    elif dist == 2:
        score += 25
    elif dist == 3:
        score += 10

    # Publish recency
    now = datetime.now(timezone.utc)
    first_publish = candidate_meta.get("first_upload") or candidate_meta.get("created")
    if first_publish:
        try:
            if isinstance(first_publish, str):
                first_dt = datetime.fromisoformat(first_publish.replace("Z", "+00:00"))
            else:
                first_dt = first_publish
            days_old = (now - first_dt).days
            signals["days_since_first_publish"] = days_old
            if days_old <= 90:
                score += 15
            elif days_old <= 180:
                score += 8
        except (ValueError, TypeError):
            pass

    # Download disparity
    if registry == "pypi":
        candidate_dl = get_pypi_downloads(candidate_name)
        target_dl = get_pypi_downloads(target_name)
    else:
        candidate_dl = get_npm_downloads(candidate_name)
        target_dl = get_npm_downloads(target_name)

    signals["candidate_downloads_weekly"] = candidate_dl
    signals["target_downloads_weekly"] = target_dl
    if candidate_dl is not None and target_dl and target_dl > 0:
        ratio = candidate_dl / target_dl
        signals["download_ratio"] = round(ratio, 6)
        if ratio < 0.001:
            score += 15
        elif ratio < 0.01:
            score += 8

    # Author comparison
    if registry == "pypi":
        candidate_author = (candidate_meta.get("author") or "").lower().strip()
        target_author = (target_meta.get("author") or "").lower().strip()
    else:
        candidate_author = set(m.lower() for m in (candidate_meta.get("maintainers") or []))
        target_author = set(m.lower() for m in (target_meta.get("maintainers") or []))

    if candidate_author and target_author and candidate_author != target_author:
        score += 10
        signals["different_author"] = True
    else:
        signals["different_author"] = False

    # Version count
    version_count = candidate_meta.get("version_count", 0)
    signals["version_count"] = version_count
    if version_count <= 2:
        score += 5

    # Repository URL presence
    repo = candidate_meta.get("home_page") or candidate_meta.get("homepage") or candidate_meta.get("repository")
    signals["has_repository"] = bool(repo)
    if not repo:
        score += 5

    signals["total_score"] = score
    return score, signals


def classify_risk(score):
    """Classify risk level based on composite score."""
    if score >= 70:
        return "HIGH"
    elif score >= 40:
        return "MEDIUM"
    else:
        return "LOW"


def scan_package(target_name, registry="pypi", max_candidates=None):
    """Scan for typosquat candidates of a target package.

    Generates candidates, checks which exist in the registry, scores them,
    and returns ranked results.
    """
    logger.info("Scanning for typosquats of '%s' on %s", target_name, registry)

    # Fetch target package metadata
    if registry == "pypi":
        target_meta = query_pypi_package(target_name, delay=0.2)
    else:
        target_meta = query_npm_package(target_name, delay=0.2)

    if not target_meta:
        logger.warning("Target package '%s' not found on %s", target_name, registry)
        return {"target": target_name, "registry": registry, "error": "Target package not found"}

    # Generate candidates
    candidates = generate_typosquat_candidates(target_name)
    if max_candidates:
        candidates = candidates[:max_candidates]
    logger.info("Generated %d typosquat candidates for '%s'", len(candidates), target_name)

    # Query registry for each candidate
    results = []
    for i, candidate in enumerate(candidates):
        if registry == "pypi":
            meta = query_pypi_package(candidate, delay=0.3)
        else:
            meta = query_npm_package(candidate, delay=0.3)

        if meta and meta.get("exists"):
            score, signals = compute_suspicion_score(
                meta, target_meta, target_name, registry
            )
            risk = classify_risk(score)
            results.append({
                "candidate": candidate,
                "target": target_name,
                "registry": registry,
                "score": score,
                "risk": risk,
                "signals": signals,
                "metadata": meta,
            })
            logger.info(
                "  [%s] %s (score=%d, lev=%d)",
                risk, candidate, score, signals.get("levenshtein_distance", -1),
            )

        if (i + 1) % 50 == 0:
            logger.info("  Progress: %d/%d candidates checked", i + 1, len(candidates))

    # Sort by score descending
    results.sort(key=lambda r: r["score"], reverse=True)

    return {
        "target": target_name,
        "registry": registry,
        "target_metadata": target_meta,
        "candidates_generated": len(candidates),
        "candidates_found": len(results),
        "results": results,
    }


def scan_dependency_file(filepath, registry="pypi", max_candidates_per_pkg=None):
    """Scan all dependencies in a requirements file or package.json."""
    filepath = Path(filepath)
    if not filepath.exists():
        return {"error": f"File not found: {filepath}"}

    content = filepath.read_text()
    packages = []

    if filepath.name in ("requirements.txt", "requirements.in"):
        for line in content.splitlines():
            line = line.strip()
            if line and not line.startswith("#") and not line.startswith("-"):
                pkg = re.split(r"[><=!~\[]", line)[0].strip()
                if pkg:
                    packages.append(pkg)
    elif filepath.name == "package.json":
        try:
            pkg_json = json.loads(content)
            for dep_key in ("dependencies", "devDependencies", "peerDependencies"):
                packages.extend(pkg_json.get(dep_key, {}).keys())
        except json.JSONDecodeError as e:
            return {"error": f"Invalid JSON: {e}"}
    elif filepath.name in ("Pipfile",):
        for line in content.splitlines():
            line = line.strip()
            if "=" in line and not line.startswith("[") and not line.startswith("#"):
                pkg = line.split("=")[0].strip().strip('"')
                if pkg and not pkg.startswith("["):
                    packages.append(pkg)
    else:
        # Generic: one package per line
        for line in content.splitlines():
            line = line.strip()
            if line and not line.startswith("#"):
                packages.append(line.split()[0])

    packages = list(dict.fromkeys(packages))  # deduplicate preserving order
    logger.info("Found %d packages in %s", len(packages), filepath)

    all_results = {
        "file": str(filepath),
        "registry": registry,
        "packages_scanned": len(packages),
        "scan_results": [],
        "summary": {"high": 0, "medium": 0, "low": 0},
    }

    for pkg in packages:
        result = scan_package(pkg, registry, max_candidates_per_pkg)
        all_results["scan_results"].append(result)
        for r in result.get("results", []):
            risk = r.get("risk", "LOW").lower()
            all_results["summary"][risk] = all_results["summary"].get(risk, 0) + 1

    return all_results


def generate_report(data, output_path):
    """Write scan results to a JSON report file."""
    report = {
        "report_generated": datetime.now(timezone.utc).isoformat(),
        **data,
    }
    with open(output_path, "w") as f:
        json.dump(report, f, indent=2, default=str)
    logger.info("Report written to %s", output_path)


def main():
    parser = argparse.ArgumentParser(
        description="Typosquatting Detection Agent for npm and PyPI"
    )
    sub = parser.add_subparsers(dest="command", required=True)

    # scan single package
    scan_p = sub.add_parser("scan", help="Scan for typosquats of a single package")
    scan_p.add_argument("package", help="Target package name to scan for typosquats")
    scan_p.add_argument("--registry", choices=["pypi", "npm"], default="pypi",
                        help="Package registry to scan (default: pypi)")
    scan_p.add_argument("--max-candidates", type=int, help="Limit candidates to check")

    # scan dependency file
    file_p = sub.add_parser("scan-file", help="Scan dependencies from a file")
    file_p.add_argument("file", help="Path to requirements.txt, package.json, etc.")
    file_p.add_argument("--registry", choices=["pypi", "npm"], default="pypi",
                        help="Package registry to scan (default: pypi)")
    file_p.add_argument("--max-candidates", type=int, help="Limit candidates per package")

    # check single candidate
    check_p = sub.add_parser("check", help="Check a specific package name against a target")
    check_p.add_argument("candidate", help="Candidate package name to check")
    check_p.add_argument("target", help="Legitimate target package name")
    check_p.add_argument("--registry", choices=["pypi", "npm"], default="pypi")

    # generate candidates only (no registry queries)
    gen_p = sub.add_parser("generate", help="Generate typosquat candidates without querying registry")
    gen_p.add_argument("package", help="Package name to generate candidates for")

    parser.add_argument("--output", default="typosquat_report.json", help="Output report path")
    args = parser.parse_args()

    result = {}

    if args.command == "scan":
        result = scan_package(args.package, args.registry, args.max_candidates)

    elif args.command == "scan-file":
        result = scan_dependency_file(args.file, args.registry, args.max_candidates)

    elif args.command == "check":
        if args.registry == "pypi":
            candidate_meta = query_pypi_package(args.candidate)
            target_meta = query_pypi_package(args.target)
        else:
            candidate_meta = query_npm_package(args.candidate)
            target_meta = query_npm_package(args.target)

        if not candidate_meta:
            result = {"candidate": args.candidate, "exists": False, "risk": "NONE"}
        elif not target_meta:
            result = {"error": f"Target package '{args.target}' not found"}
        else:
            score, signals = compute_suspicion_score(
                candidate_meta, target_meta, args.target, args.registry
            )
            result = {
                "candidate": args.candidate,
                "target": args.target,
                "registry": args.registry,
                "score": score,
                "risk": classify_risk(score),
                "signals": signals,
                "candidate_metadata": candidate_meta,
                "target_metadata": target_meta,
            }

    elif args.command == "generate":
        candidates = generate_typosquat_candidates(args.package)
        result = {
            "package": args.package,
            "candidate_count": len(candidates),
            "candidates": candidates,
        }

    print(json.dumps(result, indent=2, default=str))
    generate_report(result, args.output)


if __name__ == "__main__":
    main()
Keep exploring