configuring-codex
Warn
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill provides explicit instructions to configure
config.tomlwithapproval_policy = "never"andsandbox_mode = "danger-full-access". These settings are designed to bypass user confirmation prompts and disable the security sandbox of the Codex CLI tool, which are patterns associated with bypassing safety guidelines and removing execution constraints. - [COMMAND_EXECUTION]: The skill recommends executing a local shell script
./scripts/ai/verify-ai-compat.shand utilizing thecodex execcommand for environment and skill discovery verification. It also suggests a shell loop to verify symlink structures on the local filesystem.
Audit Metadata