codex-review
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS)
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The installation command "npx skills add -g BenedictKing/codex-review" downloads and installs code from an untrusted GitHub user account. The author 'BenedictKing' is not on the trusted list of organizations or repositories, posing a risk of unverifiable dependency code execution.
- Indirect Prompt Injection (LOW): As a code review tool, the skill is designed to ingest and process untrusted external data (source code).
  - Ingestion points: Local source code files and git diffs.
  - Boundary markers: None specified in the documentation to delimit code from instructions.
  - Capability inventory: The skill description implies file write access (CHANGELOG generation) and integration with external AI APIs.
  - Sanitization: No sanitization or safety filtering of the code being reviewed is mentioned.
Audit Metadata