
Security News
PolinRider: North Korea-Linked Supply Chain Campaign Expands Across Open Source Ecosystems
PolinRider expands across npm, Packagist, Go modules, and Chrome extensions, using hidden loaders to target developer environments.
wolfpack-bridge
Advanced tools
Mobile/browser command center for AI coding agents on your own machines
Control Claude, Codex, Gemini, or any shell command from your phone or browser. Wolfpack runs on your own macOS/Linux machine — laptop, workstation, or cloud VM — and gives you a PWA command center for long-running AI coding sessions across your Tailscale tailnet.
Sessions live in a Rust PTY broker, not the web server, so server restarts and redeploys do not kill your agents. There is no Wolfpack-hosted relay or account; remote access is normally handled by Tailscale.
curl -fsSL https://raw.githubusercontent.com/almogdepaz/wolfpack/main/install.sh | bash
wolfpack
The installer downloads the right pre-built binaries for your platform, runs setup, and can install Wolfpack as a login service. Supported: macOS arm64/x64 and Linux x64/arm64.
Want npm instead?
bunx wolfpack-bridge
# or
npx wolfpack-bridge
If setup gets weird, run:
wolfpack doctor
Uninstall is explicit:
wolfpack uninstall --yes
tailscale serve for HTTPS remote access.Local-only browser use works without Tailscale. Phone/remote use is where Tailscale earns its keep.
Wolfpack starts sessions by running a command in the selected project directory. Configure commands in Settings → Agents.
| Agent | Command |
|---|---|
| Shell | shell |
| Claude Code | claude |
| Codex | codex |
| Gemini | gemini |
| Custom wrapper | any command on PATH, for example opencode or my-agent --flag |
cmd validation intentionally rejects shell metacharacters for session commands. If you need complex setup, put it in a wrapper script on PATH and add that command.
wolfpack Start the server (runs setup on first launch)
wolfpack setup Re-run the setup wizard
wolfpack ls List active broker sessions
wolfpack kill <name> Kill a session
wolfpack doctor Diagnose broker, binaries, JWT, Tailscale
wolfpack service ... install / start / stop / restart / status / uninstall (add --broker to include broker)
wolfpack uninstall --yes Remove everything
Troubleshooting: docs/troubleshooting.md.
Wolfpack is self-hosted software for machines you control. Those machines can be local laptops, workstations, or cloud VMs.
Running coding agents is intentionally powerful: those commands execute with your local user permissions in the chosen project directory. Treat Wolfpack access like shell access to that machine.
┌─────────────┐ ┌───────────┐ ┌──────────────────────────────────────────┐
│ Phone / │ │ Tailscale │ │ Your machine / cloud VM │
│ Browser │◄──►│ (HTTPS) │◄──►│ │
│ (PWA) │ │ mesh VPN │ │ ┌──────────┐ unix ┌──────────────┐ │
└─────────────┘ └───────────┘ │ │ wolfpack │ socket │ wolfpack- │ │
│ │ server │◄───────►│ broker │ │
│ │ (Bun) │ │ (Rust, PTY) │ │
│ │ HTTP/WS │ │ owns agents │ │
│ └──────────┘ └──────────────┘ │
└──────────────────────────────────────────┘
wolfpack-broker, Rust daemon. Owns every PTY, keeps per-session output rings. One Unix-domain socket per host ($XDG_RUNTIME_DIR/wolfpack-broker.sock, fallback ~/.wolfpack/broker.sock). Wire protocol in docs/broker-protocol.md.Tailscale already gates who can reach the server. If you want an extra auth layer on top — useful if you share your tailnet with others, or for defense-in-depth — set a JWT secret:
export WOLFPACK_JWT_SECRET="$(openssl rand -base64 48)"
Tokens are HS256; the server validates, it does not issue — sign them with any JWT library using the same secret.
Optional: WOLFPACK_JWT_AUDIENCE, WOLFPACK_JWT_ISSUER, WOLFPACK_JWT_CLOCK_TOLERANCE_SEC (default 30s).
~/.wolfpack/config.json (mode 0600):
{
"devDir": "/Users/you/Dev",
"port": 18790,
"tailscaleHostname": "your-machine.tailnet-name.ts.net"
}
Per-server agent settings live in ~/.wolfpack/bridge-settings.json.
Wolfpack exposes repository-local agent skills in skills/:
wolfpack-plan — plan-file task header conventions that Ralph can parse.wolfpack-ralph — Ralph loop response contract, notifications, and sandbox/socket caveats.wolfpack-tailnet-control — discover, inspect, and control Wolfpack terminal sessions across Tailscale hosts.Copy or symlink these skill directories into an agent's skill path when you want that agent to opt in.
See CONTRIBUTING.md for dev setup, the asset pipeline, and PR conventions.
Bugs and feature requests: GitHub Issues. Questions and ideas: Discussions.
MIT
FAQs
Mobile/browser command center for AI coding agents on your own machines
We found that wolfpack-bridge demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Security News
PolinRider expands across npm, Packagist, Go modules, and Chrome extensions, using hidden loaders to target developer environments.

Security News
Open source attacks are accelerating as AI coding agents pull in dependencies faster, with less human review.

Research
/Security News
Malicious Chrome and Firefox extensions posed as free VPNs while stealing clipboard data through later extension updates.