model-usage
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The script `scripts/model_usage.py` executes the `codexbar` command using `subprocess.check_output` to retrieve usage data. The command is invoked using a list of arguments, which is a secure practice that prevents shell injection.
- [EXTERNAL_DOWNLOADS]: The skill metadata specifies the installation of the `codexbar` CLI tool via Homebrew from a third-party tap (steipete/tap/codexbar). This is the primary dependency required for the skill's functionality.
- [DATA_EXPOSURE]: The skill is designed to process local usage logs (typically found in `~/.codex/` and `~/.claude/` via the CLI tool). The processing is performed entirely locally, and no evidence of data exfiltration or network transmission of these logs was detected.
- [INDIRECT_PROMPT_INJECTION]:
  - Ingestion points: The `scripts/model_usage.py` script reads JSON data from the `codexbar` CLI output, local files via the `--input` flag, or standard input.
  - Boundary markers: None present in the prompt interpolation.
  - Capability inventory: The script includes file read operations and subprocess execution of the `codexbar` command.
  - Sanitization: Input data is parsed using the standard `json` library, and the script performs structural validation on the expected keys (e.g., `modelBreakdowns`, `provider`) before processing.
Audit Metadata