codex

SUSPICIOUS: the stated purpose broadly matches a Codex helper, but the footprint includes command execution, patch application, web-fed context, third-party providers, and transitive skill injection without clear trust or data-flow boundaries. The main concerns are indirect prompt injection and loading additional skills, not confirmed malware.