registry  /  @whalent/desktop-agent  /  0.3.227

@whalent/desktop-agent@0.3.227

Whalent cloud-desktop sidecar daemon (platform cloud image only)

AI Security Review

scanned 21h ago · by lpm-firewall-ai

An explicitly launched desktop sidecar connects to its configured WebSocket gateway and executes a constrained desktop-command set. It can invoke fixed local helpers and read/write the configured X display clipboard. No malicious install-time or hidden payload attack surface was confirmed.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
Explicit `whalent-desktop-agent` CLI execution, then gateway `desktop.exec` messages.
Impact
Authorized gateway control can open desktop helpers, resize the display, and transfer X clipboard text.
Mechanism
Authenticated WebSocket desktop-control sidecar with fixed helper spawning.
Rationale
This is an obfuscated, intentionally remote-controlled desktop sidecar, but the source shows bounded, package-aligned capabilities rather than a concrete malicious chain. The scanner's obfuscation and process/network signals are therefore insufficient to block it.
Evidence
package.jsonREADME.mddist/index.cjswhalent-desktopwhalent-resizexclip
Network endpoints2
wss://gateway.whalent.co/gw/sdk/wsmemory.whalent.co

Decision evidence

public snapshot
AI called this Clean at 87.0% confidence as Benign with medium false-positive risk.
Evidence for block
  • `dist/index.cjs` is deliberately obfuscated, reducing auditability.
  • Runtime connects to a configurable gateway and dispatches remote desktop commands.
  • `clip_get` returns X clipboard contents through the command-result channel.
  • `browser`/`terminal`/`memory` launch a fixed local `whalent-desktop` helper.
Evidence against
  • `package.json` has no preinstall/install/postinstall hook; only publish-time `prepublishOnly`.
  • `dist/index.cjs` restricts actions to browser, terminal, memory, resize, clip_set, and clip_get.
  • Child processes use fixed executable names and argument arrays; no shell, eval, VM, or arbitrary command path was found.
  • Resize and clipboard inputs are bounded; clipboard data is capped at 256 KB.
  • No filesystem harvesting, writes, persistence, payload download, or destructive behavior was found.
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVars
Supply chain
HighEntropyStringsMinifiedObfuscatedProtestwareTrivial
Manifest
NoLicense
scanned 1 file(s), 112 KB of source

Source & flagged code

4 flagged · loading source
dist/index.cjsView file
1#!/usr/bin/env node L2: 'use strict';const a0_0x173e0f=a0_0x356d;(function(_0x5b8c9c,_0x5457fe){const _0x1770cb=a0_0x356d,_0x53c86f=_0x5b8c9c();while(!![]){try{const _0x50cc6b=-parseInt(_0x1770cb(0x1c4))/...
High
Child Process

Package source references child process execution.

dist/index.cjsView on unpkg · L1
1#!/usr/bin/env node L2: 'use strict';const a0_0x173e0f=a0_0x356d;(function(_0x5b8c9c,_0x5457fe){const _0x1770cb=a0_0x356d,_0x53c86f=_0x5b8c9c();while(!![]){try{const _0x50cc6b=-parseInt(_0x1770cb(0x1c4))/...
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

dist/index.cjsView on unpkg · L1
1#!/usr/bin/env node L2: 'use strict';const a0_0x173e0f=a0_0x356d;(function(_0x5b8c9c,_0x5457fe){const _0x1770cb=a0_0x356d,_0x53c86f=_0x5b8c9c();while(!![]){try{const _0x50cc6b=-parseInt(_0x1770cb(0x1c4))/...
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

dist/index.cjsView on unpkg · L1
1#!/usr/bin/env node L2: 'use strict';const a0_0x173e0f=a0_0x356d;(function(_0x5b8c9c,_0x5457fe){const _0x1770cb=a0_0x356d,_0x53c86f=_0x5b8c9c();while(!![]){try{const _0x50cc6b=-parseInt(_0x1770cb(0x1c4))/...
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/index.cjsView on unpkg · L1

Findings

1 Critical4 High3 Medium4 Low
CriticalProtestware
HighChild Processdist/index.cjs
HighSame File Env Network Executiondist/index.cjs
HighObfuscated Payload Loaderdist/index.cjs
HighObfuscated
MediumDynamic Requiredist/index.cjs
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowHigh Entropy Strings
LowNo License