codex-config

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION] (HIGH): The references/mcp-servers.md file suggests using npx -y to download and execute arbitrary packages from the npm registry, facilitating unverified remote code execution.
  • [COMMAND_EXECUTION] (HIGH): The references/security.md file documents dangerous flags such as --dangerously-bypass-approvals-and-sandbox and configuration settings such as approval_policy = 'never', which disable the tool's security guardrails.
  • [EXTERNAL_DOWNLOADS] (MEDIUM): The skill encourages the installation of various third-party MCP servers without version pinning or integrity verification.
  • [PROMPT_INJECTION] (LOW): The skill configures a tool that processes untrusted implementation plans and prompts without explicit boundary markers or sanitization. Ingestion points: SKILL.md task examples. Capability inventory: Command execution via npx and workspace write access. Sanitization: None documented. Boundary markers: None documented.
  • [CREDENTIALS_UNSAFE] (LOW): Documentation suggests storing API keys and database connection strings in plain-text config files, although examples use placeholders.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 06:37 PM