Add codex-plugin-scanner to Testing & Quality #142

Open
internet-dot wants to merge 1 commit into devtoolsd:main from internet-dot:main

@internet-dot

Adding codex-plugin-scanner to the Testing & Quality section.

Security and best-practices scanner for OpenAI Codex CLI plugins. Scores plugins 0-100 and outputs SARIF for CI integration. Sits alongside SonarQube as a domain-specific quality/security gate for the emerging Codex plugin ecosystem.

pip install codex-plugin-scanner

codex-plugin-scanner scores OpenAI Codex plugins 0-100 across
manifest validation, secret detection, MCP transport hardening,
GitHub Actions security, and best practices. Outputs SARIF for CI.
pip install codex-plugin-scanner