Skills
skills/aradotso/codex-skills/codex-plusplus-tweak-system/Gen Agent Trust Hub

codex-plusplus-tweak-system

Fail

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: CRITICALREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The installation process for macOS, Linux, and Windows involves downloading scripts from a remote GitHub repository (github.com/b-nnett/codex-plusplus) and executing them immediately via bash or iex. This pattern is highly susceptible to supply chain attacks.
  • [EXTERNAL_DOWNLOADS]: The skill installs the codexplusplus CLI and additional "tweaks" from external sources, including Homebrew taps and GitHub releases.
  • [COMMAND_EXECUTION]: The software performs invasive system operations, including patching the app.asar archive of the Codex application and re-signing the application to bypass macOS security checks (xattr -cr).
  • [REMOTE_CODE_EXECUTION]: The system architecture allows for the runtime discovery and execution of third-party ESM modules (tweaks), which execute with the full privileges of the Electron renderer process.
Recommendations
  • HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/b-nnett/codex-plusplus/main/install.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
CRITICAL
Analyzed
May 19, 2026, 12:56 AM
Security Audit — agent-trust-hub — codex-plusplus-tweak-system