codex-tools-account-manager

SUSPICIOUS: the skill is broadly consistent with its stated purpose, but that purpose itself is high-risk because it centralizes multiple Codex credentials, runs a local API proxy, and explicitly exposes it to the public internet. The largest concerns are sensitive token handling, public tunnel exposure, and weak install trust due to publisher/repo mismatch and instructions to bypass macOS security checks.