hud
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: LOW
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill uses 'omx hud' and 'omx setup' to manage the display and configuration. These are standard operations for this toolset and do not involve untrusted input execution.
- [DATA_EXPOSURE] (SAFE): Access to ~/.codex/config.toml and .omx/state/ is restricted to the tool's own configuration and state-tracking needs. No exfiltration patterns were detected.
- [INDIRECT_PROMPT_INJECTION] (INFO): While the skill reads external state files for display, it has no high-privilege capabilities (execution or network) that could be exploited. Ingestion points: .omx/state/*.json and .omx/metrics.json. Boundary markers: None. Capability inventory: Display only via 'omx hud'. Sanitization: Not applicable for display-only output.
Audit Metadata