use-codex-llm
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates entirely as a set of behavioral instructions and local file references. It defines interaction patterns without introducing external code, network activity, or credential requirements.
- [PROMPT_INJECTION]: The skill includes an 'Instruction Priority Contract' which explicitly mandates that system and developer rules take priority over user requests, providing a structural defense against injection-based behavior overrides.
- [COMMAND_EXECUTION]: The skill defines a 'Command Execution Contract', but the contract is a structural guide for how the agent should handle legitimate CLI tools available in the Claude Code environment. It does not contain any hardcoded or obfuscated malicious commands.
- [EXTERNAL_DOWNLOADS]: No remote URLs or package registry references are present; all defined actions utilize tools native to the host environment.
Audit Metadata