keep-codex-fast-maintenance
Fail
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: HIGHEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructions direct the user to clone a repository from
github.com/vibeforge1111. This source is not verified or recognized as a trusted organization or well-known service, and the repository owner name does not match the stated author ('Aradotso' or 'ara.so'). - [REMOTE_CODE_EXECUTION]: The skill's core functionality relies on executing a Python script (
scripts/keep_codex_fast.py) that is fetched from the unverified external repository. This provides a direct path for arbitrary code execution on the host system. - [COMMAND_EXECUTION]: The skill body contains multiple examples and instructions for the agent to use
subprocess.runto invoke the downloaded script. This pattern effectively wraps unvetted external code in local command execution, creating a high risk of compromise. - [DATA_EXPOSURE]: The skill is designed to interact with sensitive local application data, including SQLite databases containing logs/history and application configuration files (
config.toml). Processing these files via an unverified script from a remote source creates a risk of data exposure.
Recommendations
- AI detected serious security threats
Audit Metadata