The awesome-list that became a real Codex package manager

What it does

This repository catalogs OpenAI Codex plugins and skills, mirroring actual installable bundles under ./plugins/ and publishing a marketplace manifest at .agents/plugins/marketplace.json. Point the Codex CLI or desktop app at this Git repository and it behaves like a curated plugin store. Every submission must pass the HOL AI Plugin Scanner with a score of at least 80 and zero critical or high findings before it lands in the list.

The interesting bit

Most awesome-lists are just bookmarks; this one functions as infrastructure. By treating a Git repository as a marketplace backend, it gives Codex a version-controlled plugin aisle without a separate registry server. The mandatory scanner gate is an attempt to solve the “random code from strangers” problem that usually plagues plugin ecosystems.

Key highlights

• Native Codex marketplace source: add the repo URL to Codex settings and browse community plugins directly.
• Mirrors plugin bundles locally so installs are fast and reproducible, not dependent on upstream repo availability.
• Requires the HOL AI Plugin Scanner (score ≥ 80, no critical/high findings) and a GitHub Actions CI gate for all submissions.
• Splits listings between OpenAI’s official plugins and community-built tools across development, security, workflow, and productivity categories.
• Publishes a machine-readable marketplace.json alongside human-readable curation.

Caveats

• The scanner and gatekeeping rules are run by HOL (Hashgraph Online), so the quality standard is ultimately their call.
• Codex clones the entire repository to use the marketplace; the README warns that raw GitHub file URLs fail because Codex expects a repo URL, not a static JSON endpoint.

Verdict

Worth bookmarking if you use Codex daily and want pre-vetted community plugins without hunting through GitHub search. Skip it if you prefer to install plugins directly from upstream sources or find awesome-lists redundant.