registry  /  oh-my-customcodex  /  1.0.6

oh-my-customcodex@1.0.6

Batteries-included agent harness on top of GPT Codex + OMX

Static Scan Results

scanned 9d ago · by rust-scanner

Static analysis flagged 16 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsEvalFilesystemShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 1.36 MB of source, external domains: docs.astral.sh, github.com, raw.githubusercontent.com, registry.npmjs.org

Source & flagged code

9 flagged · loading source
dist/index.jsView file
1097// src/core/git-workflow.ts L1098: import { execFileSync } from "node:child_process"; L1099: function execGit(args, cwd) {
High
Child Process

Package source references child process execution.

dist/index.jsView on unpkg · L1097
177const content = await fs.readFile(path, "utf-8"); L178: return JSON.parse(content); L179: } ... L732: const manifest = await readJsonFile(join4(packageRoot, "templates", "manifest.json")); L733: const { version: generatorVersion } = await readJsonFile(join4(packageRoot, "package.json")); L734: const lockfile = await generateLockfile(targetDir, generatorVersion, manifest.version); ... L781: for (const envKey of ["TMPDIR", "TMP", "TEMP"]) { L782: const value = process.env[envKey]; L783: if (value) ... L801: return envOverride; L802: const home = process.env.HOME ?? homedir(); L803: return join7(home, ".oh-my-customcodex");
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

dist/index.jsView on unpkg · L177
1715info("install.omx_installing"); L1716: deps.exec("npm install -g oh-my-codex@latest", { L1717: stdio: "inherit", ... L1729: init_logger(); L1730: import { execSync as execSync3 } from "node:child_process"; L1731: import { platform as platform3 } from "node:os";
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

dist/index.jsView on unpkg · L1715
177const content = await fs.readFile(path, "utf-8"); L178: return JSON.parse(content); L179: } ... L732: const manifest = await readJsonFile(join4(packageRoot, "templates", "manifest.json")); L733: const { version: generatorVersion } = await readJsonFile(join4(packageRoot, "package.json")); L734: const lockfile = await generateLockfile(targetDir, generatorVersion, manifest.version); ... L781: for (const envKey of ["TMPDIR", "TMP", "TEMP"]) { L782: const value = process.env[envKey]; L783: if (value) ... L801: return envOverride; L802: const home = process.env.HOME ?? homedir(); L803: return join7(home, ".oh-my-customcodex");
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/index.jsView on unpkg · L177
dist/cli/index.jsView file
1230} L1231: const execArgv = process2.execArgv ?? []; L1232: if (execArgv.includes("-e") || execArgv.includes("--eval") || execArgv.includes("-p") || execArgv.includes("--print")) {
High
Shell

Package source references shell execution.

dist/cli/index.jsView on unpkg · L1230
11674constructor() { L11675: if (global[kExitEmitter]) { L11676: return global[kExitEmitter];
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

dist/cli/index.jsView on unpkg · L11674
30639{ pattern: /chmod\s+777/, name: "chmod 777", severity: "warn" }, L30640: { pattern: /\beval\s*\(/, name: "eval() usage", severity: "warn" }, L30641: {
Low
Eval

Package source references a known benign dynamic code generation pattern.

dist/cli/index.jsView on unpkg · L30639
templates/.claude/install-hooks.shView file
path = templates/.claude/install-hooks.sh kind = payload_in_excluded_dir sizeBytes = 3844 magicHex = [redacted]
High
Payload In Excluded Dir

Package hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths.

templates/.claude/install-hooks.shView on unpkg
path = templates/.claude/install-hooks.sh kind = build_helper sizeBytes = 3844 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

templates/.claude/install-hooks.shView on unpkg

Findings

6 High3 Medium7 Low
HighChild Processdist/index.js
HighShelldist/cli/index.js
HighSandbox Evasion Gated Capabilitydist/index.js
HighObfuscated Payload Loaderdist/cli/index.js
HighRuntime Package Installdist/index.js
HighPayload In Excluded Dirtemplates/.claude/install-hooks.sh
MediumEnvironment Vars
MediumShips Build Helpertemplates/.claude/install-hooks.sh
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowEvaldist/cli/index.js
LowWeak Cryptodist/index.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings