registry  /  wisp-deck  /  2.22.0

wisp-deck@2.22.0

Terminal + tmux wrapper for AI coding tools (Claude Code, OpenCode)

AI Security Review

scanned 20h ago · by lpm-firewall-ai

No confirmed malicious attack surface was established. On explicit `wisp-deck` execution, the package installs its own distribution and fetches its matching GitHub-release TUI binary; it also configures selected AI-tool UI integrations.

Static reason
No blocking static signals were detected.
Trigger
User runs the `wisp-deck` npm bin and selects an AI tool.
Impact
Writes under user config/local-bin paths and may install first-party OpenCode/Claude UI configuration; no evidence of credential exfiltration, stealth persistence, or foreign control-surface mutation.
Mechanism
User-invoked local setup plus package-aligned GitHub release binary download.
Rationale
The observed writes and network download are package-aligned, explicitly user-invoked setup behavior, with no install-time execution or concrete malicious chain. The unauthenticated release-binary download is a supply-chain hardening concern but does not establish malicious intent or behavior in this package source.
Evidence
package.jsonbin/npx-wisp-deck.jsbin/wisp-decklib/install.shlib/statusline-setup.shlib/settings-json.shtemplates/opencode-plugin.ts~/.local/share/wisp-deck~/.local/bin/wisp-deck-tui~/.claude/settings.json~/.config/opencode/plugins/wisp-deck.ts
Network endpoints2
github.com/JackUait/wisp-deck/releases/download/v${version}/wisp-deck-tui-darwin-${arch}claude.ai/install.sh

Decision evidence

public snapshot
AI called this Clean at 87.0% confidence as Benign with low false-positive risk.
Evidence for block
  • `bin/npx-wisp-deck.js` downloads and chmods a release TUI binary on explicit CLI use.
  • `bin/wisp-deck` explicitly installs Claude statusline/OpenCode plugin files after tool selection.
Evidence against
  • `package.json` has no preinstall, install, postinstall, or prepare lifecycle hook.
  • `bin/npx-wisp-deck.js` only runs through the declared user-invoked `wisp-deck` bin.
  • Release download is fixed to `github.com/JackUait/wisp-deck` and version/architecture path.
  • Inspected agent integrations are statusline/idle UI helpers, not credential collection or exfiltration.
  • No source path sends environment variables, Claude data, or local files to a remote endpoint.
Behavioral surface
Source
ChildProcessEnvironmentVarsFilesystemShell
Supply chain
UrlStrings
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 8.10 KB of source, external domains: github.com

Source & flagged code

1 flagged · loading source
wrapper.shView file
path = wrapper.sh kind = build_helper sizeBytes = 27036 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

wrapper.shView on unpkg

Findings

2 Medium2 Low
MediumEnvironment Vars
MediumShips Build Helperwrapper.sh
LowFilesystem
LowUrl Strings