codex

SUSPICIOUS: the skill’s purpose broadly matches coding delegation, and upstream Codex CLI has official distribution channels, but this skill inserts an unverifiable local wrapper and explicitly blocks inspection of the trust-critical code. The main risk is black-box execution with full workspace access and possible hidden credential/data forwarding through the wrapper.