Packages like msw, nock, and fetch-mock intercept network traffic at the module level. If one is imported from a production route or shared client, every outbound call from that path hits the mock instead of the real backend — so payments, auth, and analytics silently no-op while returning fake success responses. The defect typically ships because AI scaffolding imports these libraries into source files while prototyping, and the import is never removed before deploy.
High because a single stray mock import can redirect entire subsystems to fabricated responses in production.
Move every mock-library import into files under tests/ or __tests__/ and delete the import from production source. Verify your bundler output with next build or webpack --profile to confirm none of the listed packages appear. Example correction:
// tests/handlers.ts — mocks live here, never in src/
import { rest } from 'msw'
ID: ai-slop-half-finished.mock-responses.mock-lib-imported-in-prod
Severity: high
What to look for: Walk all non-test source files and count all imports from these exact mock-library packages: msw, @mswjs/data, @mswjs/cookies, nock, sinon, testdouble, mock-fs, mock-aws-s3, aws-sdk-mock, fetch-mock, jest-fetch-mock, @pact-foundation/pact, mocker-data-generator, @faker-js/faker (unless imported only in seed files), chance, casual. Report each file path and the mock library it imports.
Pass criteria: 0 imports of mock libraries in non-test source files (excluding seed files for @faker-js/faker, chance, casual). Report: "Scanned X non-test source files, 0 import mock libraries."
Fail criteria: At least 1 non-test source file imports a mock library from the list (excluding legitimate seed-file usage of data generators).
Skip (N/A) when: 0 mock libraries from the list appear in package.json dependencies or devDependencies.
Detail on fail: "2 production files import mock libraries: src/app/api/users/route.ts imports 'msw', src/lib/api-client.ts imports 'fetch-mock'"
Remediation: Mock libraries are for tests, not production. If an MSW handler ends up in a production route, all traffic goes to the mock instead of the real backend. Move mock usage to test files only:
// Bad: src/app/api/users/route.ts
import { rest } from 'msw' // mock library in production path!
// Good: keep MSW strictly in tests/
// tests/handlers.ts
import { rest } from 'msw'
Check your bundler output to confirm mock libraries are not included in the production bundle.