
openai-docs

Warn

Audited by Gen Agent Trust Hub on May 29, 2026

Risk Level: MEDIUM
Tags: COMMAND_EXECUTION, CREDENTIALS_UNSAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands to add MCP servers (e.g., codex mcp add openaiDeveloperDocs).
  • [PRIVILEGE_ESCALATION]: In the 'If MCP server is missing' section, the skill explicitly instructs the agent to 'retry with escalated permissions' if a command fails due to sandboxing or permissions issues.
  • [CREDENTIALS_UNSAFE]: The skill instructs the agent to modify the user's ~/.claude/settings.json, a sensitive configuration file that often contains API keys and other credentials for MCP servers.
  • [METADATA_POISONING]: The 'OpenAI product snapshots' section describes 'gpt-oss' models and 'Codex' capabilities in ways that are inconsistent with official OpenAI documentation, which could mislead users about the agent's verified capabilities.
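The first three findings above are the kind a reviewer can pre-screen mechanically before reading a skill by hand: instructions that run shell commands, instructions that ask the agent to escalate permissions, and references to credential-bearing configuration files. The following is an added example of such a pre-screen, written for this page; it is not Gen Agent Trust Hub's scanner and the patterns, category names beyond those quoted in the audit, and the risk mapping (MEDIUM when escalation or a credential path appears, LOW for command execution alone) are assumptions. The sample skill text is constructed for the example and only reuses the fragments the audit itself quotes.

```python
"""Heuristic pre-audit check for agent skill instruction files.

Added example, not Gen Agent Trust Hub's scanner. Flags three of the
finding categories named in the audit above by pattern-matching a
skill's text. Patterns and the risk mapping are assumptions.
"""
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    category: str
    line_no: int
    evidence: str


# Assumed patterns (hypothetical, not the hub's ruleset).
# COMMAND_EXECUTION: an inline or leading shell invocation of a known tool.
COMMAND_PATTERNS = [
    re.compile(r"`[^`]*\b(?:codex|claude|npx|npm|pip|curl|bash|sh)\b[^`]*`"),
    re.compile(r"^\s*(?:\$ )?(?:codex|claude|npx|npm|pip|curl|bash|sh)\b"),
]
# PRIVILEGE_ESCALATION: wording that tells the agent to escalate or bypass.
ESCALATION_PATTERNS = [
    re.compile(r"escalat\w*\s+permissions?", re.I),
    re.compile(r"\bsudo\b"),
    re.compile(r"bypass\w*\s+(?:the\s+)?sandbox", re.I),
]
# CREDENTIALS_UNSAFE: paths that commonly hold tokens or API keys.
SENSITIVE_PATHS = [
    re.compile(r"~/\.claude/settings\.json"),
    re.compile(r"~/\.(?:aws|ssh|netrc)\b"),
    re.compile(r"\.env\b"),
]

RULES = [
    ("COMMAND_EXECUTION", COMMAND_PATTERNS),
    ("PRIVILEGE_ESCALATION", ESCALATION_PATTERNS),
    ("CREDENTIALS_UNSAFE", SENSITIVE_PATHS),
]


def scan_skill(text: str) -> list[Finding]:
    """Return findings in line order; at most one per category per line."""
    findings: list[Finding] = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for category, patterns in RULES:
            for pat in patterns:
                m = pat.search(line)
                if m:
                    findings.append(Finding(category, line_no, m.group(0).strip()))
                    break  # one hit per category per line is enough
    return findings


def risk_level(findings: list[Finding]) -> str:
    """Assumed mapping: escalation or credential paths -> MEDIUM,
    command execution alone -> LOW, nothing -> NONE."""
    cats = {f.category for f in findings}
    if cats & {"PRIVILEGE_ESCALATION", "CREDENTIALS_UNSAFE"}:
        return "MEDIUM"
    if "COMMAND_EXECUTION" in cats:
        return "LOW"
    return "NONE"


# Constructed sample: a made-up excerpt that reuses only the fragments the
# audit quotes. It is not the real skill file.
SAMPLE_SKILL = """\
# openai-docs (constructed excerpt for this example, not the real skill)

## Setup
Run `codex mcp add openaiDeveloperDocs` to register the MCP server.

## If MCP server is missing
If the command fails due to sandboxing or permissions issues,
retry with escalated permissions.

Alternatively edit ~/.claude/settings.json to add the server entry.
"""


if __name__ == "__main__":
    found = scan_skill(SAMPLE_SKILL)
    for f in found:
        print(f"line {f.line_no}: [{f.category}] {f.evidence}")
    print("Risk Level:", risk_level(found))
```

The METADATA_POISONING finding is deliberately not covered: judging whether a product snapshot contradicts official documentation requires comparing claims against a trusted source, which a regex pass cannot do. Treat the scanner's output as a triage queue for manual review, not as a verdict.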
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 29, 2026, 04:58 AM