Standalone clawd daemon — Claude Code (and future Codex) session server over WebSocket
Static analysis flagged 15 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Package source references child process execution.
dist/dispatch/mcp-server.cjsView on unpkg · L39524Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/dispatch/mcp-server.cjsView on unpkg · L39511Package source references a known benign dynamic code generation pattern.
dist/peer-ops/mcp-server.cjsView on unpkg · L2943Package source references weak cryptographic algorithms.
dist/peer-ops/mcp-server.cjsView on unpkg · L1227Package ships non-JavaScript build or shell helper files.
dist/deploy-kit/scripts/verify.shView on unpkgPackage contains source files above the static scanner size ceiling.
dist/cli.cjsView on unpkgPackage contains an oversized executable-looking CLI entrypoint.
dist/cli.cjsView on unpkgPackage source references child process execution.
dist/dispatch/mcp-server.cjsView on unpkg · L39524Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/dispatch/mcp-server.cjsView on unpkg · L39511Package source references a known benign dynamic code generation pattern.
dist/peer-ops/mcp-server.cjsView on unpkg · L2943Package source references weak cryptographic algorithms.
dist/peer-ops/mcp-server.cjsView on unpkg · L1227Package ships non-JavaScript build or shell helper files.
dist/deploy-kit/scripts/verify.shView on unpkgPackage contains source files above the static scanner size ceiling.
dist/cli.cjsView on unpkgPackage contains an oversized executable-looking CLI entrypoint.
dist/cli.cjsView on unpkg