codex-code-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (SAFE): The skill recommends installing the @openai/codex package globally via npm. Since openai is a trusted organization, this external reference is considered safe.
- REMOTE_CODE_EXECUTION (SAFE): The configuration includes a GitHub Action workflow using openai/codex-action@v1. Official actions from trusted organizations are downgraded to safe status.
- PROMPT_INJECTION (LOW): The skill possesses a risk surface for indirect prompt injection. (1) Ingestion points: Reviews local file changes and GitHub pull request diffs. (2) Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the review prompt template. (3) Capability inventory: The codex tool supports code execution (codex exec) and the workflow can post comments via github-script. (4) Sanitization: There is no sanitization of the code content before it is processed by the AI.
Audit Metadata