model-usage

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/model_usage.py executes the codexbar command-line tool using subprocess.check_output. The command arguments are passed as a list and the provider argument is restricted to a predefined list of allowed values (codex, claude), which prevents shell command injection.
  • [EXTERNAL_DOWNLOADS]: The skill's SKILL.md file provides instructions for installing the codexbar CLI via a third-party Homebrew tap (steipete/tap/codexbar). This is a standard installation method for this utility and is transparently documented for the user.
  • [DATA_EXPOSURE]: The skill is designed to access local usage logs stored in standard directories (e.g., ~/.codex/ and ~/.config/claude/) via the codexbar tool. This data access is necessary to perform the requested cost summarization and does not involve unauthorized network transmission.
  • [INDIRECT_PROMPT_INJECTION]: The skill includes an attack surface for indirect injection as it processes JSON data from the codexbar CLI or user-provided files. However, the script implements standard JSON parsing and restricted logic that minimizes the risk of the agent being misled by adversarial content within usage logs.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 30, 2026, 12:15 AM
Security Audit — agent-trust-hub — model-usage