Skills
skills/lploc94/codex_skill/codex-commit-review/Gen Agent Trust Hub

codex-commit-review

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructions specify the installation of a skill pack using npx github:lploc94/codex_skill, which downloads and executes code from an external GitHub repository.
  • [COMMAND_EXECUTION]: The workflow relies on executing local shell commands such as node, git diff, git log, and git rev-list to gather context and run the review process.
  • [PROMPT_INJECTION]: The skill exhibits a surface for Indirect Prompt Injection (Category 8). 1. Ingestion points: The skill processes user-provided commit messages and repository data (diffs and logs) as described in SKILL.md and references/workflow.md. 2. Boundary markers: Prompt templates in references/prompts.md use structural organization but lack explicit delimiters or instructions to ignore instructions embedded in the data. 3. Capability inventory: The skill has the ability to execute shell commands via the node runner. 4. Sanitization: There is no evidence of sanitization or validation of the input data before it is interpolated into AI prompts.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 14, 2026, 08:27 AM