skills/abpai/skills/codex/Gen Agent Trust Hub

codex

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions for using the codex CLI tool to perform software engineering tasks. This includes the use of sandboxing flags such as --sandbox danger-full-access and --sandbox workspace-write, which allow the tool to interact with the file system and network.
  • [EXTERNAL_DOWNLOADS]: The skill is configured to silently check for updates by fetching a version file from the vendor's repository at https://raw.githubusercontent.com/abpai/skills/main/versions.json. This is used to notify the user of available updates.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it summarizes and follows instructions based on the output of the codex tool.
      • Ingestion points: Results and summaries produced by codex exec and codex resume commands in SKILL.md.
      • Boundary markers: No delimiters or specific instructions are provided to the agent to ignore potential instructions embedded in the tool's output.
      • Capability inventory: The agent can execute shell commands and modify code files via the codex tool.
      • Sanitization: The skill does not implement validation or filtering of the content returned by the CLI tool.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 22, 2026, 04:01 PM