omx
Fail
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: HIGH (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION]: The skill documentation explicitly recommends the use of the `--madmax` flag, which maps to the underlying Codex CLI flag `--dangerously-bypass-approvals-and-sandbox`. This bypasses human-in-the-loop approvals and security sandboxing for all generated commands and tool calls.
- [REMOTE_CODE_EXECUTION]: The skill implements a 'Hook Extensions' feature that dynamically loads and executes JavaScript files from the `.omx/hooks/*.mjs` directory. This creates a mechanism for arbitrary code execution through locally stored scripts.
- [EXTERNAL_DOWNLOADS]: The installation process requires globally installing the `oh-my-codex` package from the NPM registry, which introduces an external software dependency.
- [COMMAND_EXECUTION]: The 'Team Mode' and 'Autopilot' workflows involve orchestrating multiple parallel agents in `tmux` sessions to execute complex command sequences across the local filesystem without explicit per-command review when running in recommended modes.
Recommendations
- AI detected serious security threats