
Research
/Security News
jscrambler npm Package Compromised in Supply Chain Attack
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.
@hklmtt/falinks
Advanced tools
把多个终端 AI CLI(Claude Code、Codex…)编排成一间办公室:分屏真实窗口里的员工,通过 MCP 总线互相对话协作,外加一个控制台。
╔═╗╔═╗╦ ╦╔╗╔╦╔═╔═╗
╠╣ ╠═╣║ ║║║║╠╩╗╚═╗
╚ ╩ ╩╩═╝╩╝╚╝╩ ╩╚═╝
English · 简体中文
A room full of AI workhorses — you just run your mouth 🐴
Orchestrate several terminal AI CLIs (Claude Code, Codex…) into one office: inside a single split iTerm2 window, each CLI is a "worker"; they talk to each other over an MCP bus and collaborate on tasks. On the left sits a console where you (the boss) watch the roster and message feed in real time, give orders, and add/remove workers.
The name comes from the Pokémon Falinks (a six-in-a-row formation): one leader marching a squad in coordination — exactly this project's model.
falinks becomes the office — console on the left, worker panes tiled on the right. No extra windows.sendmsg to B, falinks injects the message into B's pane; B replies when done — routing is automatic.claude and codex can be workers.ask tool): a worker can use ask(to, question, options) to pose a choice — to the boss it renders as an arrow picker (↑↓ to select, Enter to answer) and the answer is routed back; to a peer it arrives as a numbered-options message.falinks again in the same directory and pick "continue current team" — each worker comes back with its prior conversation memory (claude --resume, codex resume). Session records live in ~/.falinks/sessions/; switching teams starts fresh. Resume is silent (no redoing old tasks).~/.falinks/messages/ (rolling cap); history survives restarts. The console message panel is multi-line, per-speaker colored, and timestamped.@all broadcasts./add wizard), /clear a worker's context (identity auto-restored after), auto-offline on window close, runaway guards (turn cap / loop detection / throttle), and a token-saving collaboration rule (no pleasantries).model in the config, or the /add wizard's model step — leave blank for the CLI default); passed as claude --model / codex -m and kept across restart/resume./restart <name> [fresh]: relaunch a worker's CLI with the correct MCP config (fresh = brand-new session) — the right way to restart, instead of manually rerunning a CLI in the pane./todo unattended task list: queue tasks (add / list / rm / clear), then start [N] to let the office grind through them while you're away — the lead reports each task via the taskdone tool, an idle nudge fires every N minutes (default 10, never gives up), failures don't stop the list, and a summary lands at the end. The list is persisted: after a restart it's paused until /todo resume.~/.falinks/runtime/<hash>.json); falinks say/roster/log find the matching instance by current directory; same-directory double-start is blocked.zh = Chinese, otherwise English); switch anytime with /lang in the console or falinks lang, persisted globally (~/.falinks/settings.json)./Applications/iTerm.app)claude (Claude Code) and/or codexnpm install -g @hklmtt/falinks # global install on macOS often needs sudo: sudo npm i -g @hklmtt/falinks
falinks doctor # check your environment (Node / iTerm2 / claude / codex)
The command is
falinks(the package is scoped, but the command is justfalinks). When a new version exists, the console notifies you of the update command (it never auto-updates).
cd into your project and type one word:
cd ~/your-project
falinks
Every launch lets you pick a team (↑↓ to select, Enter to confirm) — so each project can use a different team:
falinks — pick a team (↑↓ select · Enter confirm)
▶ continue current team (alice/bob) ← default when a config exists; Enter to keep it
Solo assistant (1)
Pair programming (developer + reviewer) (2)
Full-stack squad (lead + frontend + backend + QA) (4)
Research group (researcher + writer + editor) (3)
+ Custom team…
Once picked, the office spins up in this one window: console on the left, workers on the right. Picking a new team updates that directory's falinks.config.json; "continue current" keeps it. To wrap up: Ctrl-C in that window.
The console input box on the left (with autocomplete for both @ and /):
| Input | Effect |
|---|---|
@alice take a look at login | DM a worker |
plain text (no @) | reply to "the last party you talked to" |
@all sync up everyone | broadcast to all (only @all broadcasts, to avoid mistakes) |
Shift+Enter or \ + Enter | newline in the input box (multi-line) |
Ctrl+V | paste a clipboard screenshot (inserts [Image N], expanded to a path for the worker to read on send) |
/add | add a worker via wizard: name → cli → model → role → working directory (model blank = CLI default) |
/clear [name] | clear a worker's context (no name = all); identity is re-injected and the worker stands by again |
/restart <name> [fresh] | relaunch a worker's CLI with the correct MCP config (fresh = brand-new session) |
/todo … | unattended task list: add <content> / list / rm <seq> / clear / start [nudge-minutes] / stop / resume |
/remove bob | remove a worker (closes its pane) |
/help | usage |
/lang | switch UI language (中文 / English), takes effect immediately |
Ctrl-C | quit (asks first whether to close all worker windows) |
Shift+Enterworks out of the box (kitty keyboard protocol; supported terminals like iTerm2 3.5+ get it directly); on unsupported terminals use\+ Enter.
There are also scripting subcommands (from any terminal):
falinks say <agent> <message> # DM as the "boss"
falinks broadcast <message> # broadcast
falinks roster # roster + status
falinks log # message feed
falinks init # only generate/pick a config, don't launch
falinks doctor # environment self-check
falinks lang # switch UI language (set before launch)
falinks.config.json{
"agents": [
{ "name": "alice", "cli": "claude", "cwd": ".", "role": "lead", "bootstrap": "You coordinate and delegate.", "model": "claude-opus-4-8" },
{ "name": "bob", "cli": "codex", "cwd": ".", "role": "backend", "bootstrap": "You write the backend." }
],
"routes": { "manager": "alice" },
"guards": { "maxTurnsPerThread": 20, "maxInjectionsPerMinute": 30, "loopWindow": 3 }
}
cwd: the worker's working directory (defaults to where you ran falinks; usually everyone shares it).role / bootstrap: the worker's role and opening setup.model: pin this worker's model (optional; omit for the CLI default). Passed as claude --model / codex -m and kept across restart/resume.routes: map a role alias to a specific worker (optional).guards: runaway protection (turn cap / messages-per-minute cap / repeat-loop breaker).busPort is optional; omit it and the OS assigns a free port (lets multiple projects run at once).Saved custom-team templates live in ~/.falinks/templates/ and show up in the next picker.
falinks runs an MCP HTTP bus in-process; each worker's CLI connects to …/agent/<name>/mcp (the sender is inferred from the path and can't be forged). Workers collaborate through the MCP tools register / sendmsg / ask / idle / who; the send direction goes through tool calls, while delivery is done by falinks injecting text into the target worker's pane (iTerm write text) to wake it. falinks also polls the screen to detect when a worker is idle and flushes queued messages (it doesn't rely on the worker self-reporting idle, so a worker interrupted with Ctrl-C still keeps receiving). All workers share one "collaboration rule" (register first, only reply with substance, no pleasantries, call idle to finish, use ask for choices) to save tokens.
--dangerously-skip-permissions / --dangerously-bypass-approvals-and-sandbox: this is a local, single-user, mutually-trusted collaboration scenario, not a security sandbox — a message from A to B is executed by B as an instruction. Do not use it on untrusted content.v* tag and GitHub Actions publishes to npm via Trusted Publishing (OIDC, no stored secrets, with provenance). See docs/RELEASE.md.MIT
FAQs
把多个终端 AI CLI(Claude Code、Codex…)编排成一间办公室:分屏真实窗口里的员工,通过 MCP 总线互相对话协作,外加一个控制台。
We found that @hklmtt/falinks demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.

Research
/Security News
A malicious .NET package is typosquatting the Braintree SDK to steal live payment card data, merchant API keys, and host secrets from production apps.

Security News
/Research
Compromised Injective SDK npm version 1.20.21 exfiltrates wallet private keys and mnemonics through fake telemetry functionality.