registry  /  port-authority-agent-terminal-mcp  /  0.3.6

port-authority-agent-terminal-mcp@0.3.6

Cross-platform (Windows + macOS) lane coordinator for AI coding agents (Claude, Codex, etc.) — keeps multiple local agents from colliding on dev-server ports, Chrome debug ports, and Chrome user profiles. Includes a CLI, an MCP server, and a native Tauri

AI Security Review

scanned 7d ago · by lpm-firewall-ai

No confirmed malicious attack surface. The package has install-time setup that stages its dashboard and optionally writes MCP/shortcut/autostart config, but the behavior is disclosed and package-aligned.

Static reason
High-risk behavior combination matched malicious policy.
Trigger
global npm install or explicit paat CLI commands
Impact
User gets CLI, MCP server registration, and Windows dashboard shortcut/autostart when applicable; no evidence of theft or remote control.
Mechanism
desktop/MCP integration setup for port coordination tool
Rationale
Static source inspection shows lifecycle behavior is an explicit installer for this package's dashboard and MCP integrations, including backups and skip gates. Scanner flags map to high-risk primitives, but the inspected code does not show credential exfiltration, covert network use, destructive action, or unconsented agent hijacking beyond documented package setup.
Evidence
package.jsonscripts/postinstall.cjsdist/src/cli/install-mcp.jsdist/src/cli/shortcut.jsdist/src/cli/autostart.js

Decision evidence

public snapshot
AI called this Clean at 86.0% confidence as Benign with medium false-positive risk.
Evidence for block
    Evidence against
    • package.json postinstall is gated to global/self installs and skips CI/transitive installs
    • scripts/postinstall.cjs stages a bundled dashboard binary and invokes documented setup commands; failures exit 0
    • dist/src/cli/install-mcp.js writes Claude/Codex MCP config entries with backups for the package's MCP server
    • dist/src/cli/shortcut.js and autostart.js are Windows-only user integration helpers, not hidden persistence outside stated dashboard startup
    • No credential harvesting, exfiltration endpoint, obfuscated payload, or destructive behavior found in inspected source
    Behavioral surface
    Source
    ChildProcessEnvironmentVarsFilesystemNetworkShell
    Supply chain
    HighEntropyStringsUrlStrings
    ManifestNo manifest risk signals triggered.
    scanned 45 file(s), 339 KB of source, external domains: 127.0.0.1, docs.claude.com, rustup.rs

    Source & flagged code

    4 flagged · loading source
    package.jsonView file
    scripts.postinstall = node -e "try{require('./scripts/postinstall.cjs')}catch(e){if(e&&e.code==='MODULE_NOT_FOUND'&&String(e.message).includes('scripts/postinstall.cjs')){console.warn('[paat postinstall...
    Critical
    Red Install Lifecycle Script

    Install-time lifecycle script matches a deterministic static-gate block pattern.

    package.jsonView on unpkg
    scripts.postinstall = node -e "try{require('./scripts/postinstall.cjs')}catch(e){if(e&&e.code==='MODULE_NOT_FOUND'&&String(e.message).includes('scripts/postinstall.cjs')){console.warn('[paat postinstall...
    High
    Install Time Lifecycle Scripts

    Package defines install-time lifecycle scripts.

    package.jsonView on unpkg
    scripts/build-dashboard-tauri.cjsView file
    31L32: const { spawnSync } = require("node:child_process"); L33: const path = require("node:path"); ... L36: L37: const repoRoot = path.resolve(__dirname, ".."); L38: const guiDir = path.join(repoRoot, "gui"); ... L43: L44: function log(msg) { process.stdout.write(`[build-dashboard] ${msg}\n`); } L45: function warn(msg) { process.stderr.write(`[build-dashboard] ${msg}\n`); } ... L48: * doesn't auto-append .cmd on Windows when shell:false, so we have to. */ L49: function npmCmd() { return process.platform === "win32" ? "npm.cmd" : "npm"; } L50: function cargoCmd() { return process.platform === "win32" ? "cargo.exe" : "cargo"; }
    High
    Sandbox Evasion Gated Capability

    Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

    scripts/build-dashboard-tauri.cjsView on unpkg · L31
    bin/paat-dashboard.exeView file
    path = bin/paat-dashboard.exe kind = native_binary sizeBytes = 9732608 magicHex = [redacted]
    Medium
    Ships Native Binary

    Package ships native binary artifacts.

    bin/paat-dashboard.exeView on unpkg

    Findings

    1 Critical2 High4 Medium5 Low
    CriticalRed Install Lifecycle Scriptpackage.json
    HighInstall Time Lifecycle Scriptspackage.json
    HighSandbox Evasion Gated Capabilityscripts/build-dashboard-tauri.cjs
    MediumNetwork
    MediumEnvironment Vars
    MediumShips Native Binarybin/paat-dashboard.exe
    MediumStructural Risk Force Deep Review
    LowNon Install Lifecycle Scripts
    LowScripts Present
    LowFilesystem
    LowHigh Entropy Strings
    LowUrl Strings