codex-qa

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXFILTRATION]: Reads the user's ~/.codex/config.toml file to generate a checksum for integrity verification. This process is used to ensure that the testing harness did not accidentally modify the user's production configuration; no file content is transmitted externally.
  • [COMMAND_EXECUTION]: Spawns local processes including codex, node, jq, and tmux as part of its automated testing workflows. These operations are limited to the isolated sandbox environment created during setup.
  • [DYNAMIC_EXECUTION]: Generates a temporary shell script (tui-launch.sh) to launch the Codex TUI for automated smoke testing. This script generation is a standard part of the skill's testing infrastructure.
  • [EXTERNAL_DOWNLOADS]: Executes npm ci during the installation verification step to set up dependencies for the local plugin build. This operation uses well-known package registries and is necessary for the skill's stated purpose of verifying local builds.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests data from the application server's structured output.
    • Ingestion points: Reads JSON output from codex app-server via stdout in scripts/lib/app-server-client.mjs.
    • Boundary markers: None; uses structured JSON parsing which provides inherent separation between data and instructions.
    • Capability inventory: File system access (sandboxed), process management (spawn/kill), and terminal management (tmux).
    • Sanitization: Employs standard JSON parsing to handle external tool data, minimizing the risk of interpreting untrusted text as commands.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 26, 2026, 08:52 AM