
Research
/Security News
11 Malicious NuGet Tools Pose as Game Cheats to Drop a Windows Host-Surveillance Payload
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.
oh-my-prompt
Advanced tools
CLI prompt journal for AI coding assistants — capture, analyze, and sync your prompts
CLI tool for capturing, analyzing, and syncing AI coding prompts
Oh My Prompt captures your AI coding sessions (Claude Code, Codex, OpenCode, etc.) to a local SQLite database, syncs them to a server, and provides analytics insights into your prompting patterns.
tool_use the agent ran (Bash, Edit, Write, Read, WebFetch, etc.) with extracted program name for Bash commands so you can answer "which programs did the agent actually run"~/.omp/prompts.dbnpm install -g oh-my-prompt
npx oh-my-prompt setup
git clone https://github.com/jiunbae/oh-my-prompt.git
cd oh-my-prompt
pnpm install
pnpm build:cli
cd packages/omp-cli
npm link
Run the interactive setup wizard:
omp setup
This will:
~/.omp/config.jsonInstall hooks for your CLI(s):
omp install claude # For Claude Code
omp install codex # For Codex
omp install opencode # For OpenCode
omp install all # For all detected CLIs
This adds prompt capture hooks to:
~/.claude/hooks/prompt-logger.sh~/.config/oh-my-prompt/hooks/codex/notify.js + ~/.codex/config.toml notify entry~/.config/oh-my-prompt/hooks/opencode/omp-opencode-plugin.mjs + ~/.config/opencode/opencode.json plugin entryomp status
Expected output:
Server: https://your-server.example.com (or not configured)
Token: configured / not configured
Storage: sqlite
SQLite: /Users/you/.omp/prompts.db
Hooks: claude=installed, codex=installed, opencode=installed
Last capture: 2026-02-08T10:30:00.000Z
Queue: 0 files, 0 bytes
Just use Claude Code, Codex, or OpenCode normally:
claude "Write a function to parse TOML"
codex "Add error handling to this file"
opencode run "Add retry logic to the sync command"
Prompts are automatically captured!
omp stats
omp report
omp analyze <prompt-id>
Copy-paste this prompt into your coding agent to install Oh My Prompt with interactive setup:
Install Oh My Prompt from https://github.com/jiunbae/oh-my-prompt on this machine.
Before running commands, ask me to choose only the install method:
1) npm install -g oh-my-prompt (recommended)
2) npx oh-my-prompt setup (no global install)
3) from source (git clone + pnpm build:cli)
After installation, run:
omp setup
Important:
- Do NOT use setup flags like --server, --token, --hooks, --yes.
- Use the interactive wizard only, and let me provide values directly in the prompts.
- Ask me each setup input in order (server URL, auth/login or token, device name, hook install confirmations).
After setup completes, verify with:
- omp doctor
- omp status
Finally, show exactly what was configured (hooks, server URL, and token status).
omp install [claude|codex|opencode|all] # Install prompt capture hooks
omp uninstall [claude|codex|opencode|all] # Remove hooks
omp status # Show config and hook status
omp doctor # Validate setup and diagnose issues
omp sync # Sync local prompts to server
omp sync status # Show sync history
omp export [--format json|jsonl|csv] [--out file.json]
omp import codex-history [--path ~/.codex/history.jsonl]
omp stats [--view overview|projects|sources|hourly|weekday|sessions] [--since 7d] [--group-by day|week|month|project|source|hour|weekday]
omp report [--format text|json] [--since 2026-01-01]
omp analyze <prompt-id> # Analyze prompt quality
omp analyze --file prompt.txt # Analyze file
omp analyze --stdin < prompt.txt # Analyze from stdin
omp config get # Show full config
omp config get server.url # Get specific value
omp config set server.url https://your-server.example.com
omp config set server.token YOUR_TOKEN
omp config validate # Check config validity
omp db migrate # Run schema migrations
omp ingest --stdin < payload.json # Manually ingest payload
omp ingest --replay # Replay failed queue
Config file: ~/.omp/config.json
{
"server": {
"url": "https://your-server.example.com",
"token": "your-api-token"
}
}
Or via CLI:
omp config set server.url https://your-server.example.com
omp config set server.token YOUR_TOKEN
{
"storage": {
"type": "sqlite",
"sqlite": {
"path": "/Users/you/.omp/prompts.db"
}
}
}
{
"capture": {
"response": true,
"redact": {
"enabled": true,
"mask": "[REDACTED]"
}
}
}
Override config with env vars:
export OMP_SERVER_URL="https://your-server.example.com"
export OMP_SERVER_TOKEN="your-token"
export OMP_STORAGE_TYPE="sqlite"
export OMP_SQLITE_PATH="/custom/path/prompts.db"
export OMP_CAPTURE_RESPONSE="true"
Claude Code:
~/.claude/hooks/prompt_sent.shclaude command$CLAUDE_PROMPT, $CLAUDE_RESPONSE, $CLAUDE_SESSION_IDCodex:
notify in ~/.codex/config.tomlagent-turn-complete eventsOpenCode:
~/.config/opencode/opencode.jsonsession.idle eventsSet OMP_BIN to use a custom omp binary:
export OMP_BIN="/custom/path/to/omp"
If auto-install fails, manually add to ~/.claude/config.toml:
[[hooks]]
name = "oh-my-prompt"
on = "prompt_sent"
script = "/Users/you/.omp/hooks/claude_prompt_sent.sh"
omp analyze <prompt-id>
Output:
Score: 85 (Good)
Signals:
- Goal: present
- Context: present
- Constraints: missing
- Output format: present
- Examples: missing
Suggestions:
- Add specific constraints or requirements
- Include examples of expected output
omp stats --view weekday --since 7d
Output:
┌──────────────────────────────────────────────────────────────┐
│ Local Analytics │
│ Range: 7d -> now │
└──────────────────────────────────────────────────────────────┘
Top Projects
api ██████████████████████████ 42 6.2k tok · 88% rsp
frontend ████████████████░░░░░░░░░ 27 3.8k tok · 91% rsp
Grouped By weekday
Mon ██████████████████████████ 18 2.1k tok · 94% rsp
Tue ████████████████████░░░░░░ 14 1.8k tok · 86% rsp
omp report --since 2026-02-01
Generates:
Get an API token from your Oh My Prompt server
Configure sync:
omp config set server.url https://your-server.example.com
omp config set server.token YOUR_TOKEN
Run initial sync:
omp sync
Add to your shell profile (~/.zshrc or ~/.bashrc):
# Sync prompts every hour
(crontab -l 2>/dev/null | grep -Fv 'omp sync' ; echo "0 * * * * /usr/local/bin/omp sync # oh-my-prompt") | crontab -
Or use a background service (launchd on macOS, systemd on Linux).
omp sync # Sync all new prompts
omp sync --since 2026-01-01 # Sync from date
omp sync --dry-run # Preview sync
omp sync status # Show sync history
omp export --format jsonl --out prompts.jsonl
omp export --format csv --out prompts.csv --since 2026-01-01
omp export --format json > prompts.json
omp import codex-history --path ~/.codex/history.jsonl
omp import codex-history --dry-run # Preview
Check hook status:
omp status
Run doctor:
omp doctor
Manually test hook:
bash ~/.omp/hooks/claude_prompt_sent.sh
Check logs:
tail -f ~/.omp/state.json
Check config:
omp config validate
Test connectivity:
curl -H "Authorization: Bearer YOUR_TOKEN" https://your-server.example.com/api/health
Force sync:
omp sync --force
omp db migrate # Run migrations
omp config get storage.sqlite.path # Check DB location
sqlite3 ~/.omp/prompts.db ".schema" # Inspect schema
git clone https://github.com/jiunbae/oh-my-prompt.git
cd oh-my-prompt
pnpm install
pnpm build:cli
cd packages/omp-cli
npm link
cd packages/omp-cli
npm test
packages/omp-cli/
├── bin/omp # CLI entry point
├── lib/ # Core modules (copied from src/omp/)
│ ├── cli.js # Command router
│ ├── config.js # Config management
│ ├── db.js # SQLite operations
│ ├── hooks.js # Hook installation
│ ├── ingest.js # Payload processing
│ ├── sync.js # Server sync
│ └── ...
└── package.json
Contributions welcome! Please:
git checkout -b feature/my-featuregit commit -m 'Add my feature'git push origin feature/my-featureMIT © Jiun Bae
FAQs
CLI prompt journal for AI coding assistants — capture, analyze, and sync your prompts
We found that oh-my-prompt demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
11 malicious NuGet tools pose as game cheats to deploy Windows payloads, track hosts, and use Google Sheets for telemetry and control.

Research
/Security News
4 compromised asyncapi packages deliver miasma botnet loader on macOS, Linux and Windows.

Research
/Security News
A compromised jscrambler npm release added a malicious preinstall hook that runs hidden native binaries on Linux, macOS, and Windows.