
tide-commander@1.126.0

Visual multi-agent orchestrator and manager for Claude Code with 3D/2D interface

AI Security Review

scanned 3d ago · by lpm-firewall-ai

No confirmed malicious attack surface is established by static inspection. The package is a user-invoked local AI orchestration server with optional integrations and setup helpers.

Static reason
One or more suspicious static signals were detected.
Trigger
User runs tide-commander, npm run setup, or scripts/krunner/install-krunner-integration.sh.
Impact
Benign local service behavior; no unconsented install-time execution or exfiltration confirmed.
Mechanism
local server orchestration and optional desktop/Claude hook setup
Rationale
Static review found powerful but package-aligned local orchestration features that require explicit user commands, with no lifecycle execution or covert exfiltration. The scanner hits are explained by the app's server, integration, UI, PDF worker, and desktop-helper functionality.
Evidence
  package.json
  dist/src/packages/server/cli.js
  dist/src/packages/server/setup.js
  dist/src/packages/server/index.js
  dist/src/packages/shared/version.js
  scripts/krunner/install-krunner-integration.sh
  scripts/krunner/tide-krunner-runner.js
  dist/assets/index-BLMHzq1V.js
  ~/.local/share/tide-commander/server.pid
  ~/.local/share/tide-commander/server-meta.json
  ~/.tide-commander/certs/localhost-key.pem
  ~/.tide-commander/certs/localhost.pem
  ~/.claude/settings.json
  ~/.local/bin/tide-krunner-runner
  ~/.local/share/dbus-1/services/org.riven.tide.krunner.service
  ~/.local/share/krunner/dbusplugins/plasma-runner-tide-commander.desktop
Network endpoints (4)
  registry.npmjs.org/
  localhost:5174/api
  localhost:5173
  localhost:6200

Decision evidence

public snapshot
AI called this Clean at 86.0% confidence as Benign with low false-positive risk.
Evidence for block
  • User-invoked setup.js can write Claude Code hooks in ~/.claude/settings.json.
  • CLI uses child_process to spawn its server and optional mkcert/tail commands.
Evidence against
  • package.json has no install/preinstall/postinstall lifecycle hooks.
  • bin entrypoint dist/src/packages/server/cli.js only runs when tide-commander is invoked.
  • Network use is package-aligned: local server/KRunner APIs and npm version check.
  • dist/assets index secret hits are UI placeholders/config fields, not embedded credentials.
  • KRunner install script is explicit user-run integration copying local helper files.
  • No credential harvesting, exfiltration, persistence-on-install, or destructive behavior found.
Behavioral surface
Source: Child Process, Crypto, Dynamic Require, Environment Vars, Eval, Filesystem, Network, Shell, WebSocket
Supply chain: High Entropy Strings, Minified, Obfuscated, Protestware, Url Strings
Manifest: No manifest risk signals triggered.
scanned 349 file(s), 7.09 MB of source, external domains: 127.0.0.1, admin.google.com, api.anthropic.com, api.bitbucket.org, api.github.com, bitbucket.org, claude.ai, commander.local, console.cloud.google.com, example.com, github.com, id.atlassian.com, kenney.nl, kroki.io, ns.adobe.com, react.dev, registry.npmjs.org, wiki.example.com, www.googleapis.com, www.gstatic.com, www.w3.org, www.xfa.org, yourcompany.atlassian.net
Oversized source lightweight scan
dist/assets/main-DVOwU_fp.js: 2.65 MB file, sampled 256 KB
  signals: Network, Child Process, Obfuscated, High Entropy Strings, Minified, Url Strings
  domains: github.com, react.dev

Source & flagged code

7 flagged

dist/assets/index-BLMHzq1V.js
  match: patternName = private_key_openssh; severity = critical; line = 5; matchedText = NODE_ENV...in(`
  Critical / Critical Secret: Package contains a critical-looking secret pattern. (dist/assets/index-BLMHzq1V.js, L5)
  Critical / Secret Pattern: OpenSSH private key in dist/assets/index-BLMHzq1V.js. (dist/assets/index-BLMHzq1V.js, L5)
dist/assets/pdf.worker.min-FHbmGBN0.mjs
  match (L24-L26):
    L24: * pdfjsBuild = ada343803
    L25: */const e=!("object"!=typeof process||process+""!="[object process]"||process.versions.nw||process.versions.electron&&process.type&&"browser"!==process.type),t=[.001,0,0,.001,0,0],...
    L26: /*webpackIgnore: true*/
  Medium / Dynamic Require: Package source references dynamic require/import behavior. (dist/assets/pdf.worker.min-FHbmGBN0.mjs, L24)
  Low / Eval: Package source references a known benign dynamic code generation pattern. (dist/assets/pdf.worker.min-FHbmGBN0.mjs, L24)
dist/src/packages/server/integrations/whatsapp/whatsapp-trigger-handler.js
  match (L134-L136, L573-L575):
    L134: direction: payload.direction,
    L135: body: payload.body,
    L136: messageType: payload.mediaType ?? 'text',
    ...
    L573: // Protocol-relative; pick scheme from baseUrl.
    L574: const scheme = baseUrl.startsWith('https://') ? 'https:' : 'http:';
    L575: return scheme + url;
  Low / Weak Crypto: Package source references weak cryptographic algorithms. (dist/src/packages/server/integrations/whatsapp/whatsapp-trigger-handler.js, L134)
scripts/krunner/install-krunner-integration.sh
  match: path = scripts/krunner/install-krunner-integration.sh; kind = build_helper; sizeBytes = 1784; magicHex = [redacted]
  Medium / Ships Build Helper: Package ships non-JavaScript build or shell helper files. (scripts/krunner/install-krunner-integration.sh)
dist/assets/main-DVOwU_fp.js
  match: path = dist/assets/main-DVOwU_fp.js; kind = oversized_source_file; sizeBytes = 2780744; magicHex = [redacted]
  High / Oversized Source File: Package contains source files above the static scanner size ceiling. (dist/assets/main-DVOwU_fp.js)

Findings

2 Critical, 1 High, 6 Medium, 7 Low

Severity   Finding                            File
Critical   Critical Secret                    dist/assets/index-BLMHzq1V.js
Critical   Secret Pattern                     dist/assets/index-BLMHzq1V.js
High       Oversized Source File              dist/assets/main-DVOwU_fp.js
Medium     Dynamic Require                    dist/assets/pdf.worker.min-FHbmGBN0.mjs
Medium     Network
Medium     Environment Vars
Medium     Protestware
Medium     Ships Build Helper                 scripts/krunner/install-krunner-integration.sh
Medium     Structural Risk Force Deep Review
Low        Scripts Present
Low        Eval                               dist/assets/pdf.worker.min-FHbmGBN0.mjs
Low        Weak Crypto                        dist/src/packages/server/integrations/whatsapp/whatsapp-trigger-handler.js
Low        Filesystem
Low        Obfuscated
Low        High Entropy Strings
Low        Url Strings