Skills
skills/code-yeongyu/oh-my-openagent/codex-qa/Gen Agent Trust Hub

codex-qa

Pass

Audited by Gen Agent Trust Hub on Jun 27, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various local scripts and system binaries to perform automated testing and smoke tests.
  • The scripts/lib/common.sh script executes node packages/omo-codex/scripts/install-local.mjs to prepare the isolated environment.
  • The scripts/tui-smoke.sh script dynamically generates a shell script (tui-launch.sh) and executes it within a tmux session to verify the Codex TUI renders correctly.
  • [DATA_EXPOSURE]: The skill monitors the integrity of the user's configuration files.
  • scripts/lib/common.sh uses shasum to snapshot ~/.codex/config.toml before and after execution, strictly to verify that the isolated test environment did not leak changes to the user's actual home directory.
  • [EXTERNAL_DOWNLOADS]: The skill uses local network communication for testing purposes.
  • scripts/lib/mock-model.mjs creates a local HTTP server on 127.0.0.1 to mock the OpenAI Responses API, allowing tests to run without any external network egress or API keys.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 27, 2026, 09:53 AM
Security Audit — agent-trust-hub — codex-qa