codex-review

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The skill requires writing previous assistant prose verbatim to a temp file and emitting Codex's stdout verbatim, so any secrets present in the reviewed content or Codex output would be reproduced unchanged (no redaction), creating a direct exfiltration path.