registry  /  oh-my-customcodex  /  1.0.15

oh-my-customcodex@1.0.15

Batteries-included agent harness on top of GPT Codex + OMX

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 21 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsEvalFilesystemNetworkShell
Supply chain
HighEntropyStringsMinifiedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 78 file(s), 3.11 MB of source, external domains: datatracker.ietf.org, docs.astral.sh, docs.example.com, github.com, my.site, npmjs.com, raw.githubusercontent.com, registry.npmjs.org, svelte.dev, www.w3.org

Source & flagged code

13 flagged · loading source
dist/index.jsView file
7724// src/core/codex-project-root.ts L7725: import { execFileSync as execFileSync2 } from "node:child_process"; L7726: import { lstatSync, readdirSync, readFileSync as readFileSync3, realpathSync as realpathSync2 } from "node:fs";
High
Child Process

Package source references child process execution.

dist/index.jsView on unpkg · L7724
320const content = await fs.readFile(path, "utf-8"); L321: return JSON.parse(content); L322: } ... L358: try { L359: const packageJson = JSON.parse(readFileSync(join(candidate, "package.json"), "utf8")); L360: if (packageJson.name && PACKAGE_NAMES.has(packageJson.name)) { ... L5676: yield* this.next(token); L5677: yield* this.end(forceDoc, endOffset); L5678: } L5679: *next(token) { L5680: if (node_process.env.LOG_STREAM) L5681: console.dir(token, { depth: null });
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

dist/index.jsView on unpkg · L320
320const content = await fs.readFile(path, "utf-8"); L321: return JSON.parse(content); L322: } ... L358: try { L359: const packageJson = JSON.parse(readFileSync(join(candidate, "package.json"), "utf8")); L360: if (packageJson.name && PACKAGE_NAMES.has(packageJson.name)) { ... L5676: yield* this.next(token); L5677: yield* this.end(forceDoc, endOffset); L5678: } L5679: *next(token) { L5680: if (node_process.env.LOG_STREAM) L5681: console.dir(token, { depth: null });
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/index.jsView on unpkg · L320
dist/cli/index.jsView file
1230} L1231: const execArgv = process2.execArgv ?? []; L1232: if (execArgv.includes("-e") || execArgv.includes("--eval") || execArgv.includes("-p") || execArgv.includes("--print")) {
High
Shell

Package source references shell execution.

dist/cli/index.jsView on unpkg · L1230
12257constructor() { L12258: if (global[kExitEmitter]) { L12259: return global[kExitEmitter];
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

dist/cli/index.jsView on unpkg · L12257
52Cross-file remote execution chain: dist/cli/index.js spawns [redacted].js; helper contains network access plus dynamic code execution. L52: class CommanderError extends Error { L53: constructor(exitCode, code, message) { L54: super(message); ... L770: var EventEmitter = __require("node:events").EventEmitter; L771: var childProcess = __require("node:child_process"); L772: var path = __require("node:path"); ... L816: this._outputConfiguration = { L817: writeOut: (str) => process2.stdout.write(str), L818: writeErr: (str) => process2.stderr.write(str), ... L2443: const content = await fs.readFile(path, "utf-8"); L2444: return JSON.parse(content); L2445: }
High
Cross File Remote Execution Context

Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.

dist/cli/index.jsView on unpkg · L52
23829if (tool.installMethod === "npm" && descriptor.npmPackage) { L23830: return `npm install --global ${descriptor.npmPackage}@latest`; L23831: } ... L23839: init_package(); L23840: import { execSync, spawnSync } from "node:child_process"; L23841: import { existsSync, mkdirSync as mkdirSync2, readFileSync as readFileSync4, writeFileSync as writeFileSync2 } from "node:fs";
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

dist/cli/index.jsView on unpkg · L23829
35030{ pattern: /chmod\s+777/, name: "chmod 777", severity: "warn" }, L35031: { pattern: /\beval\s*\(/, name: "eval() usage", severity: "warn" }, L35032: {
Low
Eval

Package source references a known benign dynamic code generation pattern.

dist/cli/index.jsView on unpkg · L35030
packages/serve/build/server/index.jsView file
39/** L40: * @template {{ tracing: { enabled: boolean, root: import('@opentelemetry/api').Span, current: import('@opentelemetry/api').Span } }} T L41: * @param {T} event_like
Medium
Dynamic Require

Package source references dynamic require/import behavior.

packages/serve/build/server/index.jsView on unpkg · L39
templates/.claude/install-hooks.shView file
path = templates/.claude/install-hooks.sh kind = payload_in_excluded_dir sizeBytes = 3844 magicHex = [redacted]
High
Payload In Excluded Dir

Package hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths.

templates/.claude/install-hooks.shView on unpkg
path = templates/.claude/install-hooks.sh kind = build_helper sizeBytes = 3844 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

templates/.claude/install-hooks.shView on unpkg
packages/serve/build/client/favicon.svg.brView file
path = [redacted].svg.br kind = compressed_blob sizeBytes = 149 magicHex = [redacted]
Medium
Ships Compressed Blob

Package ships compressed or archive-like blobs.

packages/serve/build/client/favicon.svg.brView on unpkg
packages/serve/build/client/_app/immutable/nodes/5.p6zQlNo8.js.gzView file
path = packages/serve/build/client/_app/immutable/nodes/5.p6zQlNo8.js.gz kind = high_entropy_blob sizeBytes = 4414 magicHex = [redacted]
High
Ships High Entropy Blob

Package ships high-entropy non-source blobs.

packages/serve/build/client/_app/immutable/nodes/5.p6zQlNo8.js.gzView on unpkg

Findings

8 High6 Medium7 Low
HighChild Processdist/index.js
HighShelldist/cli/index.js
HighSandbox Evasion Gated Capabilitydist/index.js
HighObfuscated Payload Loaderdist/cli/index.js
HighCross File Remote Execution Contextdist/cli/index.js
HighRuntime Package Installdist/cli/index.js
HighShips High Entropy Blobpackages/serve/build/client/_app/immutable/nodes/5.p6zQlNo8.js.gz
HighPayload In Excluded Dirtemplates/.claude/install-hooks.sh
MediumDynamic Requirepackages/serve/build/server/index.js
MediumNetwork
MediumEnvironment Vars
MediumShips Build Helpertemplates/.claude/install-hooks.sh
MediumShips Compressed Blobpackages/serve/build/client/favicon.svg.br
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowEvaldist/cli/index.js
LowWeak Cryptodist/index.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings