Security audit
Codex Usage Widget Publish
Security checks across malware telemetry and agentic risk
Overview
The reported behavior appears to be a normal local widget installation workflow, with no supplied evidence of hidden, destructive, or unrelated actions.
Before installing, review the local scripts and confirm they only write to the intended widget directory. The available signals do not show malicious or mismatched behavior, but the package should document its required file and shell access more explicitly.
VirusTotal
64/64 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
