Back to skill

Security audit

Codex Usage Widget Publish

Security checks across malware telemetry and agentic risk

Overview

The reported behavior appears to be a normal local widget installation workflow, with no supplied evidence of hidden, destructive, or unrelated actions.

Before installing, review the local scripts and confirm they only write to the intended widget directory. The available signals do not show malicious or mismatched behavior, but the package should document its required file and shell access more explicitly.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.