skills/yeachan-heo/oh-my-codex/note/Gen Agent Trust Hub

note

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
[PROMPT_INJECTION]
Full Analysis
  • [PROMPT_INJECTION]: The skill stores information in .omx/notepad.md and automatically re-injects it into the prompt during session initialization. This creates a vulnerability where an attacker who can influence the contents of that file could execute an indirect prompt injection attack.
    • Ingestion points: The file .omx/notepad.md is read and its contents are added to the agent's context.
    • Boundary markers: No delimiters or "ignore embedded instructions" directives are specified for the injected content.
    • Capability inventory: The agent is instructed to read and write to the local file system.
    • Sanitization: No sanitization or validation of the notepad content is performed before injection.
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 05:07 PM