Skills
skills/sundial-org/awesome-openclaw-skills/codexmonitor/Gen Agent Trust Hub

codexmonitor

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the codexmonitor tool from a third-party Homebrew tap (cocoanetics/tap/codexmonitor).
  • [COMMAND_EXECUTION]: The skill uses the codexmonitor binary to list, show, and watch local filesystem directories (~/.codex/sessions).
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it ingests and displays session data that could contain malicious instructions from external sources (e.g., code snippets or previous AI responses).
  • Ingestion points: Reads files from ~/.codex/sessions/ using the codexmonitor list and codexmonitor show commands.
  • Boundary markers: Absent. The instructions do not provide delimiters or warnings to ignore embedded instructions in the session data.
  • Capability inventory: The agent has the capability to execute shell commands (codexmonitor).
  • Sanitization: Absent. The tool displays the raw content of stored sessions without evident filtering or escaping.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 24, 2026, 12:24 AM