Skills
skills/khanglvm/skills/fix-codex-skill/Gen Agent Trust Hub

fix-codex-skill

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The Python script scripts/repair_codex_skill_format.py is used to discover and update skill configurations. It executes git rev-parse to identify project roots. The skill also references a hardcoded validation script path /Users/khang/.codex/skills/.system/skill-creator/scripts/quick_validate.py.
  • [PROMPT_INJECTION]: The skill processes content from various skill directories, creating a surface for indirect prompt injection.
  • Ingestion points: The repair script reads SKILL.md files from user-scope and project-scope directories including ~/.codex/skills and ~/.claude/skills.
  • Boundary markers: No explicit delimiters or instructions are used to distinguish between skill metadata and potentially malicious instructions within those files.
  • Capability inventory: The skill can create directories, write files, and execute shell commands via Python's subprocess and Path modules.
  • Sanitization: The script uses yaml.safe_load for parsing YAML frontmatter and applies regex-based normalization to names and descriptions.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 25, 2026, 11:22 AM