UI-TARS-desktop

The `ui-tars-desktop` application has critical Electron security vulnerabilities including: 1) `preload/index.ts` directly exposes `ipcRenderer` methods to the renderer process (`contextIsolation` bypassed for `window.electron`), allowing potential full Node.js API access if a script is injected. 2) `apps/ui-tars/src/main/window/ScreenMarker.ts` creates new `BrowserWindow` instances with `nodeIntegration: true` and `contextIsolation: false`, making these windows highly vulnerable to arbitrary code execution. 3) `apps/ui-tars/src/main/window/createWindow.ts` uses `sandbox: false`. The `agent-tars-app` part, while using `contextIsolation: true` and Content Security Policy, sets `webSecurity: false` for its main window, allowing unrestricted cross-origin requests which is a significant risk. The integration with `mcp-servers/commands` package allows execution of arbitrary shell commands, posing a severe risk if LLM output is not perfectly sanitized. File system access (`ipcRoutes/filesystem.ts`) can be configured via `setAllowedDirectories`, but improper configuration or bypass could lead to unauthorized file operations. `shell.openExternal` and `shell.openPath` calls can open arbitrary URLs or local files from agent actions.