call-codex

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION)
Full Analysis
  • COMMAND_EXECUTION (HIGH): The skill uses codex exec --sandbox danger-full-access to run tasks provided via the {task_description} variable. The 'danger-full-access' flag explicitly requests an environment with minimal restrictions, posing a severe security risk.
  • REMOTE_CODE_EXECUTION (HIGH): Direct interpolation of {task_description} into a shell command heredoc without sanitization creates a primitive for code execution. If the task description is influenced by untrusted data, it facilitates remote code execution within the unrestricted sandbox.
  • Indirect Prompt Injection (LOW): Ingestion points: the {task_description} variable in SKILL.md. Boundary markers: absent. Capability inventory: arbitrary command and system execution via the codex tool. Sanitization: absent; the content is passed directly to the shell environment.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 06:05 PM