remote-codex@0.11.23

⚠ Under review

Local web supervisor for Codex workspaces and threads.

Static Scan Results

scanned 1d ago · by rust-scanner

Static analysis flagged 16 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected; previous stored version diff introduced dangerous source.

Decision evidence

public snapshot
Behavioral surface
Source: ChildProcess, Crypto, DynamicRequire, EnvironmentVars, Eval, Filesystem, Network, Shell, WebSocket
Supply chain: HighEntropyStrings, Minified, Obfuscated, UrlStrings
Manifest: No manifest risk signals triggered.
scanned 84 file(s), 5.69 MB of source, external domains: 127.0.0.1, appassets.androidplatform.net, developers.openai.com, files.rcsb.org, github.com, pro.reactflow.dev, pubchem.ncbi.nlm.nih.gov, radix-ui.com, raw.githubusercontent.com, react.dev, reactflow.dev, relay.local, tailscale.com, www.w3.org

Source & flagged code

8 flagged
bin/remote-codex.mjs
L7: import readline from 'node:readline/promises';
L8: import { spawn } from 'node:child_process';
L9: import { fileURLToPath } from 'node:url';
High
Child Process

Package source references child process execution.

bin/remote-codex.mjs · L7

Cross-file remote execution chain: bin/remote-codex.mjs spawns apps/supervisor-api/dist/index.js; helper contains network access plus dynamic code execution.
L7: import readline from 'node:readline/promises';
L8: import { spawn } from 'node:child_process';
L9: import { fileURLToPath } from 'node:url';
...
L12: const packageRoot = path.resolve(binDir, '..');
L13: const packageJsonPath = path.join(packageRoot, 'package.json');
L14: const serviceManagerPath = path.join(packageRoot, 'scripts', 'service-manager.mjs');
...
L18: const supervisorSourceEntry = path.join(packageRoot, 'apps', 'supervisor-api', 'src', 'index.ts');
L19: const relaySupervisorConfigPath = process.env.REMOTE_CODEX_RELAY_SUPERVISOR_CONFIG
L20: ? path.resolve(process.env.REMOTE_CODEX_RELAY_SUPERVISOR_CONFIG)
L21: : path.join(os.homedir(), '.remote-codex', 'relay-supervisor.json');
L22: const sourceCheckout = ...
L188: ['REMOTE_CODEX_SESSION_SECRET', 'Private supervisor session signing secret. Defaults to a saved generated value.'],
High
Cross File Remote Execution Context

Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.

bin/remote-codex.mjs · L7

apps/supervisor-api/dist/index.js
L9987: case "execCommandApproval":
L9988: return "legacyExecApproval";
L9989: case "applyPatchApproval":
High
Shell

Package source references shell execution.

apps/supervisor-api/dist/index.js · L9987

packages/claude/src/runtimeAdapter.ts
L2201: async function importOptionalPackage(specifier: string) {
L2202: const dynamicImport = new Function('specifier', 'return import(specifier);') as (
L2203: specifier: string,
Medium
Dynamic Require

Package source references dynamic require/import behavior.

packages/claude/src/runtimeAdapter.ts · L2201

L2201: async function importOptionalPackage(specifier: string) {
L2202: const dynamicImport = new Function('specifier', 'return import(specifier);') as (
L2203: specifier: string,
Low
Eval

Package source references a known benign dynamic code generation pattern.

packages/claude/src/runtimeAdapter.ts · L2201

scripts/service-manager.mjs
L4: import path from 'node:path';
L5: import { spawn } from 'node:child_process';
L6: import { fileURLToPath } from 'node:url';
L7: import net from 'node:net';
L8: ...
L13: fs.existsSync(path.join(repoRoot, 'scripts', 'service-restart.mjs'));
L14: const serviceDir = process.env.REMOTE_CODEX_SERVICE_DIR
L15: ? path.resolve(process.env.INIT_CWD ?? process.cwd(), process.env.REMOTE_CODEX_SERVICE_DIR)
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

scripts/service-manager.mjs · L4

Detached bundled service listener: scripts/service-manager.mjs spawns apps/relay-server/dist/index.js; helper exposes a broad-bound HTTP listener.
L4: import path from 'node:path';
L5: import { spawn } from 'node:child_process';
L6: import { fileURLToPath } from 'node:url';
L7: import net from 'node:net';
L8: ...
L13: fs.existsSync(path.join(repoRoot, 'scripts', 'service-restart.mjs'));
L14: const serviceDir = process.env.REMOTE_CODEX_SERVICE_DIR
L15: ? path.resolve(process.env.INIT_CWD ?? process.cwd(), process.env.REMOTE_CODEX_SERVICE_DIR)
L16: : supportsSourceRestart ...
L327: const raw = await fsp.readFile(stateFile, 'utf8');
L328: return JSON.parse(raw);
L329: } catch {
High
Spawned Bundled Service Listener

Source launches a detached bundled service that exposes a broad-bound HTTP listener.

scripts/service-manager.mjs · L4

apps/relay-server/dist/index.js
matchType = previous_version_dangerous_delta
matchedPackage = remote-codex@0.11.21
matchedIdentity = npm:cmVtb3RlLWNvZGV4:0.11.21
similarity = 0.940
summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta

This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.

apps/relay-server/dist/index.js

Findings

1 Critical · 5 High · 4 Medium · 6 Low
Critical · Previous Version Dangerous Delta · apps/relay-server/dist/index.js
High · Child Process · bin/remote-codex.mjs
High · Shell · apps/supervisor-api/dist/index.js
High · Same File Env Network Execution · scripts/service-manager.mjs
High · Cross File Remote Execution Context · bin/remote-codex.mjs
High · Spawned Bundled Service Listener · scripts/service-manager.mjs
Medium · Dynamic Require · packages/claude/src/runtimeAdapter.ts
Medium · Network
Medium · Environment Vars
Medium · Structural Risk Force Deep Review
Low · Scripts Present
Low · Eval · packages/claude/src/runtimeAdapter.ts
Low · Filesystem
Low · Obfuscated
Low · High Entropy Strings
Low · Url Strings