codex-workflow-recommender

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is designed as a read-only advisor, with explicit instructions in the 'Output Contract' and 'Safety Rules' prohibiting file modifications, installations, or any configuration changes. Its primary function is to generate evidence-based recommendations for the user to review and implement manually.
  • [SAFE]: Security-conscious design is evident in the recommendation logic. The skill instructs the agent to favor the narrowest possible sandbox policies, avoid recommending hardcoded secrets, and suggest repository-native gates (like pre-commit hooks) that benefit both human and AI workflows.
  • [SAFE]: Discovery operations are limited to standard file-system inspection tools (such as find, ls, and Get-ChildItem) and local CLI discovery via codex commands. These are used to identify project types (e.g., Node.js, Python, Rust) and existing Codex configuration files to provide context-aware advice.
  • [SAFE]: While the skill identifies the presence of sensitive files like .env or user-level configuration files, it does so to recommend appropriate security guardrails (e.g., secret scanning) rather than to extract their contents. There are no network-capable tools (like curl or wget) included in the allowed-tools list, eliminating the risk of data exfiltration.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 07:18 AM
Security Audit — agent-trust-hub — codex-workflow-recommender