Security audit

Codex Sessions Manager

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Codex session manager that can read and modify local session history, with documented previews and confirmations for destructive actions.

Install only if you trust the npm package and want an agent-assisted tool to manage local Codex history. Use preview mode first, prefer recoverable trash over permanent deletion, verify the selected root and session IDs, and treat displayed or exported sessions as sensitive private data.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (1)

Vague Triggers

Medium

Confidence: 95% confidence
Finding: The skill enables implicit invocation while advertising a broad set of destructive actions such as delete, purge, trash, and clean. That makes it easier for natural-language prompts about session management to trigger the skill unintentionally, potentially causing file-destructive operations against local Codex session data without sufficiently explicit user intent.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal