codexforclaude
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The documentation includes examples for adding MCP servers using npx from well-known providers such as Upstash (@upstash/context7-mcp) and the Model Context Protocol organization (@modelcontextprotocol/server-postgres).
- [COMMAND_EXECUTION]: The guide describes the security model of the Codex CLI, detailing various sandbox modes and approval policies, including high-privilege options like danger-full-access and the --dangerously-bypass-approvals-and-sandbox flag for specific administrative or CI/CD use cases.
- [PROMPT_INJECTION]: The skill explains how to use internal triggers like $skill-creator within the Codex environment to automate the creation of configuration files and skill structures.
Audit Metadata