codex-usage-status
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The script 'scripts/codex_usage_status.py' executes the external 'openclaw' binary using 'subprocess.run'. The execution uses a list of arguments and 'shell=False', which prevents command injection vulnerabilities. User-provided arguments like 'timeout' are validated as integers by 'argparse' before being passed to the command.
- [PROMPT_INJECTION] (SAFE): The skill processes external data from the 'openclaw' CLI output (Category 8: Indirect Prompt Injection). 1. Ingestion points: 'scripts/codex_usage_status.py' reads output from the 'openclaw status' command. 2. Boundary markers: Not present in the resulting display instructions. 3. Capability inventory: The skill is limited to read-only status reporting and does not have write or network capabilities. 4. Sanitization: The input is parsed as JSON, and the script only extracts specific numeric and string fields for display. Given the narrow scope and lack of dangerous capabilities, this surface is considered safe.
Audit Metadata