TARILIO
by electronart
Overview
Desktop information retrieval with an integrated AI Assistant, supporting local LLMs and Hugging Face downloads.
Installation
No command providedSecurity Notes
The project exhibits several security concerns: dynamic loading and execution of HTML, CSS, and JavaScript content via `window.ExtrasProvider` (`getCustomRenderHtml`, `getCSS`, `getJS`) without clear indication of input sanitization or trusted sources, which could lead to XSS or remote code execution. The presence of minified/obfuscated JavaScript files (`tiff.min.js`, `viewer.js`) hinders a complete security audit. Most critically, the truncated README explicitly mentions a 'HACK' involving manual overwriting of `ggml` DLLs in the installation folder due to installer issues, which is a significant risk for system integrity and stability, and could be exploited for malicious DLL injection. The `debugger.js` file also contains `eval`-like behavior (via `pdfjsLib.createObjectURL`), though this is within a debugging tool.
Similar Servers
5ire
A desktop AI assistant client that integrates with various LLM providers and supports extensible tool and prompt functionalities via the Model Context Protocol (MCP).
gemini-cli-desktop
A cross-platform desktop and web application providing a modern UI for various AI CLIs (Gemini, Qwen, LLxprt), enabling structured interaction with AI models, visual tool confirmation, real-time thought processes, code diff viewing, chat history management, and file system integration.
UI-TARS-desktop
UI-TARS Desktop is a GUI Agent application that allows users to control their computer using natural language, leveraging Vision-Language Models (VLM) and local/browser-based automation operators. Agent-TARS is a multimodal AI agent integrating with various real-world tools via Model Context Protocol (MCP).
esearch-project
Desktop full-text search and information retrieval application with an integrated AI Assistant, local LLM server, and Hugging Face LLM download capabilities.