codex-changelog

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's script explicitly fetches and prints GitHub release data from the public GitHub API (https://api.github.com/repos/openai/codex/releases/tags/...), exposing the agent to untrusted, user-maintained release "body" text which the agent reads and returns and could materially influence its responses or next actions.