Skills
skills/aradotso/codex-skills/codex-session-patcher/Gen Agent Trust Hub

codex-session-patcher

Fail

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: HIGHREMOTE_CODE_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill instructs the user to clone a repository from https://github.com/ryfineZ/codex-session-patcher.git and install it using pip install -e ., which executes code from a non-trusted source.
  • [PROMPT_INJECTION]: The primary functionality of the skill involves 'injecting CTF prompts' and 'cleaning AI refusal responses' to intentionally bypass safety guardrails and refusal mechanisms in AI coding assistants.
  • [EXTERNAL_DOWNLOADS]: Installation procedures involve downloading external code from GitHub and fetching frontend dependencies from the npm registry.
  • [COMMAND_EXECUTION]: The skill uses shell commands to install software, modify configuration files in the user's home directory (e.g., ~/.claude-ctf-workspace), and perform session manipulation.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
May 16, 2026, 09:21 PM