codex-tools-account-manager

Fail

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: HIGH
COMMAND_EXECUTION, CREDENTIALS_UNSAFE, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: Instructs users to disable macOS Gatekeeper security features using sudo spctl --master-disable and sudo xattr -r -d com.apple.quarantine. This bypasses operating system protections designed to prevent the execution of unverified or malicious software.
  • [CREDENTIALS_UNSAFE]: The tool's primary function involves handling sensitive Codex account credentials, including access_token and refresh_token. It promotes importing and exporting these secrets in plaintext JSON files (accounts.json), which is an unsafe practice for credential management.
  • [DATA_EXFILTRATION]: Provides built-in functionality to tunnel local API traffic to the public internet via cloudflared. While intended for integration with tools like Cursor, this creates a significant exfiltration surface where sensitive tokens and local data can be exposed to external networks.
  • [COMMAND_EXECUTION]: The application is designed to programmatically terminate and restart system processes (e.g., VS Code, Cursor) and modify configuration files on the local file system to sync authentication tokens.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: May 19, 2026, 12:56 AM