ccg
Fail
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: HIGH
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to execute CLI tools named codex and gemini in the terminal to process tasks.
- [REMOTE_CODE_EXECUTION]: The skill interpolates user-supplied task descriptions into shell commands (e.g., codex "<codex prompt>") without sanitizing metacharacters. This creates a command injection vulnerability where a user can execute arbitrary shell commands by including backticks, semicolons, or pipes in their input.
- [EXTERNAL_DOWNLOADS]: The skill requires installing the NPM packages @openai/codex and @google/gemini-cli. These are not the official SDKs for OpenAI or Google, which may lead to the installation of unverified or malicious code.
Recommendations
- AI detected serious security threats
Audit Metadata