help
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes Bash script snippets for the agent to execute in order to read and summarize local application state files, such as `~/.omx/state/token-tracking.jsonl`, `.omx/state/session-history.json`, and `~/.codex/.omx-config.json`. These scripts use standard utilities like `jq` to generate reports.
- [EXTERNAL_DOWNLOADS]: The documentation mentions an `/omx-setup` command that performs external downloads for configuration. This behavior is documented as part of the initial setup process for the vendor's plugin.
- [PROMPT_INJECTION]: The skill processes historical session data and logs which could potentially contain untrusted input from previous interactions.
  * Ingestion points: `~/.omx/state/token-tracking.jsonl`, `.omx/state/session-history.json`
  * Boundary markers: Absent
  * Capability inventory: Bash command execution for data analysis
  * Sanitization: Uses `jq` for structured data extraction, which limits the risk of direct instruction execution.
Audit Metadata