Loading npm security reports…
Cross-platform Chrome bridge that connects Codex to the active Overleaf project.
No confirmed malicious attack surface. This is a privileged but user-invoked Overleaf Chrome extension/native-host bridge that can run local Codex tasks and install its own runtime.
Package source references weak cryptographic algorithms.
native-host/src/subagentBroker.jsView on unpkg · L145This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
native-host/src/updateManager.jsView on unpkgPackage source references weak cryptographic algorithms.
native-host/src/subagentBroker.jsView on unpkg · L145This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
native-host/src/updateManager.jsView on unpkg