tmux-remote-worker-setup
Audited by Socket on Apr 13, 2026
2 alerts found:
Security x2
The fragment is an automation/deployment script but contains a critical high-risk pattern: it fetches a proxy bootstrap script over plain HTTP and immediately `eval`s it, which is equivalent to remote code execution if the network response is tampered with. Additionally, it deploys local $CODEX_HOME contents (including .env and feishu_notify.py) to remote hosts and runs remote setup/install steps without integrity verification, and it alters /etc/hosts to redirect a specific domain. Overall, this is not a safe supply-chain library-like component; it is operationally dangerous in untrusted environments and should be reviewed/mitigated (remove eval-over-HTTP, pin/verify payloads, avoid shipping secrets).
SUSPICIOUS. The core remote-worker setup behavior is broadly consistent with the stated purpose, but the skill has two major security issues: executing an unverifiable remote proxy script via eval/curl over plain HTTP, and copying local Codex secret/config files onto the remote worker. Those behaviors make the skill high risk even without clear proof of malicious intent.