Skills
skills/mikeng-io/agent-skills/bridge-codex/Gen Agent Trust Hub

bridge-codex

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands to verify the local environment (e.g., which codex, codex login status) and to trigger code review processes via the Codex CLI using codex exec.
  • [EXTERNAL_DOWNLOADS]: Configures an MCP server that triggers the download and execution of the codex package from the NPM registry using the npx -y codex command.
  • [DATA_EXFILTRATION]: Accesses local configuration files including .mcp.json, ~/.claude.json, and ~/.codex/config.toml to identify existing tool setups and authentication states.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection when processing untrusted inputs. Ingestion points: review_scope and context_summary variables in SKILL.md. Boundary markers: None present. Capability inventory: Execution of shell commands (codex exec) and calling of MCP tools. Sanitization: No sanitization or escaping of input data is performed before interpolation into the final prompt.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 04:22 PM