Skills
skills/lev-os/agents/openai-docs/Gen Agent Trust Hub

openai-docs

Fail

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill instructions in SKILL.md contain directives to override environment security constraints. Specifically, the agent is instructed to 'immediately retry' a command with 'escalated permissions' if an initial attempt is blocked by sandboxing or permission failures, which is an explicit attempt to bypass security boundaries.
  • [COMMAND_EXECUTION]: The agent is directed to execute system-level commands (codex mcp add) to modify its own environment by installing external toolsets.
  • [EXTERNAL_DOWNLOADS]: The skill specifies a workflow for downloading and installing an external MCP server from a remote URL (https://developers.openai.com/mcp).
  • [METADATA_POISONING]: The skill provides documentation and 'official snapshots' for hypothetical and currently non-existent products (such as 'GPT-5.4', 'gpt-oss-120b', and 'Sora-2'), which presents a high risk of user deception and misinformation.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 21, 2026, 06:48 PM