omega-codex-cli
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill executes external commands using
child_process.spawnandexecSyncto interact with the Codex CLI. On Windows systems, it utilizescmd.exewith standard flags to ensure compatibility andtaskkillto manage process timeouts. - [EXTERNAL_DOWNLOADS]: If the Codex CLI is not found locally, the skill attempts to run it using
npx -y @openai/codex, which downloads the package from the official NPM registry. This follows the intended setup for utilizing the OpenAI toolset from a well-known service provider.
Audit Metadata