codex-cli-bridge

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly enables web search and external data fetching via the Codex CLI (see codex_executor.exec_with_search and its use of the --search flag, plus the "danger-full-access" sandbox/network access references), so the agent can ingest untrusted public web content as part of its workflow.