AI Security Review
scanned 22h ago · by lpm-firewall-aiNo confirmed malicious attack surface. The package is a user-invoked Orcha runtime bridge that connects to a configured Orcha URL and runs configured local agent runtimes.
Static reason
One or more suspicious static signals were detected.
Trigger
Running orcha-runtime-bridge bin/start/run after user configuration
Impact
Remote Orcha requests can drive configured local runtimes, but this is package-aligned and opt-in.
Mechanism
User-configured runtime bridge and process launcher
Rationale
Static inspection shows dual-use bridge behavior that is documented and user-invoked, with no install-time execution, unconsented agent control-surface mutation, exfiltration, or hidden persistence. The scanner findings are explained by expected env parsing, WebSocket communication, and configured child-process runtime adapters.
Evidence
package.jsonbin/orcha-runtime-bridge.jsREADME.md.env.example.env.orcha-runtime-bridge.pid.orcha-runtime-bridge.log/tmp/orcha-runtime-last-message-*.txt
Network endpoints2
ORCHA_RUNTIME_ORCHA_URL + /api/agent-runtime-bridge/wsorcha.example.com/api/agent-runtime-bridge/ws
Decision evidence
public snapshotAI called this Clean at 86.0% confidence as Benign with low false-positive risk.
Evidence for block
- bin/orcha-runtime-bridge.js opens outbound WebSocket to ORCHA_RUNTIME_ORCHA_URL and handles remote runtime requests.
- bin/orcha-runtime-bridge.js can spawn configured runtime commands from ORCHA_RUNTIME_TARGETS_JSON.
- start command can daemonize and write pid/log files in cwd or configured paths.
Evidence against
- package.json has no npm lifecycle hooks; execution is via bin or start script only.
- Network endpoint, token, and runtime targets are user-configured in env/.env, matching README deployment flow.
- No code writes Claude/Codex/MCP config, agent instructions, shell startup files, VCS hooks, or foreign control surfaces.
- No credential/file harvesting beyond loading local .env and optional runtime artifact files provided by target output.
- HTTP server mode binds 127.0.0.1 by default and uses optional bearer token when configured.
Behavioral surface
EnvironmentVars
Minified
NoLicense
Source & flagged code
2 flagged · loading sourcebin/orcha-runtime-bridge.jsView file
1#!/usr/bin/env node
L2: import{spawn as Rt}from"node:child_process";import{closeSync as St,existsSync as Ut,mkdirSync as xt,openSync as Ot,readFileSync as Nt,rmSync as At,writeFileSync as bt}from"node:fs"...
L3: `):""}var C=class{constructor(e){this.agent=e,this.sessionCounter=0}async sessionNew(){return this.sessionCounter+=1,{sessionId:`echo-${this.agent.agentId}-${this.sessionCounter}`}...
L4: \r
...
L10: `}}})}}}async sessionCancel(e){let t=o(e.sessionId),r=this.active.get(t);return r?(m("info","runtime.cli","cancelling runtime child",{target:this.agent.targetCode,sessionId:t,pid:r...
L11: `)}];return this.prompt({...e,agentId:r,sessionId:a,prompt:d},t)}async requestPermission({agent:e,runtimeSessionId:t,request:r,emitUpdate:n}){let i=$(),c=this.runtimeSessionIndex.g...
L12: `).replaceAll("\\r","\r").replaceAll("\\t"," ").replaceAll('\\"','"').replaceAll("\\\\","\\")}function Tt(s){let e=!1,t=!1;for(let r=0;r<s.length;r+=1){let n=s[r],i=s[r-1];if(n==="...
High
Same File Env Network Execution
A single source file combines environment access, network access, and code or shell execution; review context before blocking.
bin/orcha-runtime-bridge.jsView on unpkg · L11#!/usr/bin/env node
L2: import{spawn as Rt}from"node:child_process";import{closeSync as St,existsSync as Ut,mkdirSync as xt,openSync as Ot,readFileSync as Nt,rmSync as At,writeFileSync as bt}from"node:fs"...
L3: `):""}var C=class{constructor(e){this.agent=e,this.sessionCounter=0}async sessionNew(){return this.sessionCounter+=1,{sessionId:`echo-${this.agent.agentId}-${this.sessionCounter}`}...
L4: \r
...
L10: `}}})}}}async sessionCancel(e){let t=o(e.sessionId),r=this.active.get(t);return r?(m("info","runtime.cli","cancelling runtime child",{target:this.agent.targetCode,sessionId:t,pid:r...
L11: `)}];return this.prompt({...e,agentId:r,sessionId:a,prompt:d},t)}async requestPermission({agent:e,runtimeSessionId:t,request:r,emitUpdate:n}){let i=$(),c=this.runtimeSessionIndex.g...
L12: `).replaceAll("\\r","\r").replaceAll("\\t"," ").replaceAll('\\"','"').replaceAll("\\\\","\\")}function Tt(s){let e=!1,t=!1;for(let r=0;r<s.length;r+=1){let n=s[r],i=s[r-1];if(n==="...
High
Command Output Exfiltration
Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
bin/orcha-runtime-bridge.jsView on unpkg · L1Findings
2 High1 Medium2 Low
HighSame File Env Network Executionbin/orcha-runtime-bridge.js
HighCommand Output Exfiltrationbin/orcha-runtime-bridge.js
MediumEnvironment Vars
LowScripts Present
LowNo License