logic-master

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: CRITICAL (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION] (CRITICAL): The skill instructs the agent to use the '--yolo' flag for all operations. This flag is documented within the skill as 'MANDATORY - Auto-approve and bypass sandbox', which removes all human-in-the-loop safety controls.
  • [REMOTE_CODE_EXECUTION] (CRITICAL): By combining the '--yolo' bypass with 'codex exec', the skill enables the execution of arbitrary commands generated by an external AI model. This allows for unauthorized system modification and command execution without oversight.
  • [DATA_EXFILTRATION] (HIGH): The execution patterns encourage sending sensitive file contents ('cat | codex') and directory contexts ('-C ') to an external CLI tool. Without sandbox protections or manual approval, this facilitates the silent exfiltration of local data.
  • [PROMPT_INJECTION] (HIGH): The skill is critically vulnerable to Indirect Prompt Injection. Ingestion points: Untrusted data enters via '--image' attachments and file piping via stdin. Boundary markers: None are used to separate user instructions from untrusted data. Capability inventory: The skill uses the Bash tool with '--yolo' and calls subagents to apply code changes via the Edit tool. Sanitization: There is no sanitization or validation of the data processed by the Codex tool before it is used to modify the environment.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 16, 2026, 10:30 AM