codex-image

Warn

Audited by Socket on Jun 27, 2026

3 alerts found:

Anomalyx3
AnomalyLOW
docs/superpowers/specs/2026-05-20-codex-image-design.md

This is not executable dependency code; it is a design document describing a skill that generates/edits images via OpenAI’s hosted image_generation tool using ChatGPT subscription auth by reusing Codex CLI auth.json and performing PKCE OAuth fallback. The most significant red flag is the explicit requirement to perfectly spoof Codex CLI HTTP fingerprints (User-Agent/originator/request structure/SSE parsing) and reuse Codex OAuth client parameters to make the requests indistinguishable from the official client—i.e., impersonation/evasion behavior. No classic malware actions are specified, but the behavior is high-risk from a policy/impersonation supply-chain perspective. Recommend rejecting or tightly constraining use, and perform an implementation-level review once code is available to verify token handling, network destinations, and whether any additional hidden actions exist.

Confidence: 62%Severity: 68%
AnomalyLOW
SKILL.md

SUSPICIOUS: the skill's functional goal is image generation, but its distinctive behavior is harvesting and reusing Codex/ChatGPT auth tokens, refreshing them, and impersonating the official Codex client to consume subscription-backed access. Data flows appear to stay with OpenAI, which lowers exfiltration concern, but the credential reuse and client masquerading are disproportionate to a normal image skill.

Confidence: 87%Severity: 58%
AnomalyLOW
README.md

The provided material is documentation describing the intended runtime workflow of an unofficial codex-image skill. It highlights legitimate integration points (local credential reuse, OAuth-based authentication, and remote API usage) but introduces security and privacy considerations due to handling of credentials, token flows, and user prompts/images with an external service. While not evidence of explicit backdoors or malware, the approach requires rigorous hardening: secure storage for credentials, explicit user consent and data-handling policies, minimized token scopes, audit trails, and clear boundaries on data sent to external APIs. A formal security review of the actual implementation, including credential management, token handling, and data retention, is strongly recommended before distribution or usage in production environments.

Confidence: 56%Severity: 66%
Audit Metadata
Analyzed At
Jun 27, 2026, 06:28 AM
Package URL
pkg:socket/skills-sh/lwmxiaobei%2Fxiaobei-skills%2Fcodex-image%2F@600323076793743a1961d67502d1f7a5a0da2484a9812f2412ec68c94c57f510
Security Audit — socket — codex-image