codex-cli

Fail

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: HIGH (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs users to install a package named @openai/codex. This is not an official OpenAI package (typically 'openai'), representing a potential supply chain or typosquatting risk.
  • [COMMAND_EXECUTION]: The documentation actively promotes the use of the --dangerously-bypass-approvals-and-sandbox (alias --yolo) flag. This flag is designed to explicitly disable all security protocols and sandboxing constraints.
  • [METADATA_POISONING]: The skill's description and name claim to represent OpenAI Codex CLI, yet the configuration parameters (TOML), sandbox modes, and bypass flags are identical to Anthropic's Claude Code tool. This misrepresentation could lead users to apply incorrect safety assumptions.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 28, 2026, 08:12 AM