codex-review
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to execute the 'codex' command-line interface tool to perform code reviews. It utilizes various flags such as '--uncommitted', '--base', and '--commit' to target specific code states.
- [PROMPT_INJECTION]: The skill facilitates indirect prompt injection by design, as it ingests untrusted code (uncommitted changes or git commits) and processes it through an AI-powered CLI tool.
- Ingestion points: Git commits, branch history, and local uncommitted file changes (SKILL.md).
- Boundary markers: None present in the command examples to delimit code from instructions.
- Capability inventory: Execution of the 'codex' CLI command.
- Sanitization: No explicit sanitization or filtering of the ingested code content is mentioned.
Audit Metadata