NYC

research

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION)
Full Analysis
  • COMMAND_EXECUTION (HIGH): The skill defines a research workflow using the 'codex' command-line tool with extremely dangerous flags. Evidence: The use of '--dangerously-bypass-approvals-and-sandbox' and '--skip-git-repo-check' in the Research Workflow section.
  • PRIVILEGE_ESCALATION (HIGH): By instructing the agent to bypass sandboxing and approvals, the skill attempts to escalate the agent's permissions beyond standard safety constraints.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill processes untrusted external data with high-privilege capabilities.
    1. Ingestion points: The 'codex' web search tool retrieves 'RAW search results' (SKILL.md).
    2. Boundary markers: Absent; there are no instructions to delimit or ignore instructions within the search results.
    3. Capability inventory: The skill has shell execution capability with sandbox bypass via the 'codex' command.
    4. Sanitization: Absent; results are consumed 'raw' for extraction and analysis.
  • METADATA_POISONING (MEDIUM): The skill references a non-existent 'gpt-5.1-codex' model, which could be an attempt to deceive the agent or analyzer regarding its capabilities and environment.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 17, 2026, 06:10 PM