Skills
skills/aradotso/trending-skills/codex-plugin-cc/Gen Agent Trust Hub

codex-plugin-cc

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill recommends installing the @openai/codex CLI tool via npm. This package is provided by a well-known organization and is hosted on a standard registry.
  • [COMMAND_EXECUTION]: The documentation describes using shell commands for authentication and setup, such as !codex login. This is used to interface with the local Codex binary for user authentication.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it ingests and processes external code content that may be untrusted.
  • Ingestion points: Code diffs, uncommitted changes, and branch comparisons are read from the local repository during review or investigation tasks (found in SKILL.md).
  • Boundary markers: No specific boundary markers or instructions to ignore embedded commands are mentioned in the skill description.
  • Capability inventory: The skill can investigate bug reports, fix tests, and redesign components using the /codex:rescue and /codex:review commands.
  • Sanitization: There is no mention of sanitization or filtering applied to the code content before it is processed by the model.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 30, 2026, 09:49 PM