—

@wonderwhy-er/desktop-commander

Not yet scanned · npm

$npm install @wonderwhy-er/desktop-commander

Downloads: 66,692

Ready to scan

This package is in MCPSafe’s catalog but hasn’t been scanned yet. Run a Fast scan for rules + CVE findings in under 5 minutes, or a Deep scan to add LLM consensus review across 5 judges (sign in required, up to 20 min).

About

MCP server for terminal operations and file editing

What a scan checks

Threats40+ rules: prompt injection, destructive tool schemas, IAM wildcards, OAuth over-scope, install-time hooks, and more.
Known CVEsMatches package + dependency versions against NVD and GHSA advisory databases.
Supply chainTyposquat detection, malware indicators, suspicious install hooks, and maintainer signals.
Runtime safetySecret exfiltration paths, overbroad schemas, destructive operations without confirmation, and schema robustness.