Multi-AI Consultant
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICAL (REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, COMMAND_EXECUTION)
Full Analysis
- [REMOTE_CODE_EXECUTION] (CRITICAL): The setup instructions recommend running 'codex exec "test" --yolo'. This flag is designed to execute AI-generated code or shell commands without user confirmation, providing a direct path for arbitrary code execution on the host machine.
- [EXTERNAL_DOWNLOADS] (HIGH): The skill requires the global installation of an NPM package named 'codex'. This package is not from a trusted organization and its purpose is not verified, presenting a high risk of malicious package installation.
- [DATA_EXFILTRATION] (MEDIUM): The skill is designed to upload repository contents and local context to external AI providers (Google and OpenAI). While ignore files are supported, this behavior creates a persistent risk of exposing sensitive source code or internal data.
- [COMMAND_EXECUTION] (HIGH): The skill includes manual and automatic triggers that execute external binaries and scripts (e.g., 'consultation-log-parser.sh'). These operations run with the user's permissions and can be exploited to perform unauthorized system modifications.
Recommendations
- AI detected serious security threats
Audit Metadata