codex-autoresearch-loop

Fail

Audited by Snyk on Mar 21, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (medium risk: 0.65). These are not direct executable downloads, but they are still potentially risky: they point to an ambiguous short domain (ara.so) and an unverified GitHub repo/user. Cloning and installing code from unknown sources can execute arbitrary scripts, so audit before running.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The skill's Pivot Protocol explicitly states "2 PIVOTs → Web search — Codex fetches external references to unstick itself," indicating the agent autonomously fetches and reads public web content which it can use to change its actions, exposing it to untrusted third-party content (Pivot Protocol / Loop sections).

Issues (2)

E005
CRITICAL

Suspicious download URL detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Mar 21, 2026, 05:24 AM
Issues
2