The Agent Skills Directory

[COMMAND_EXECUTION]: The skill executes local shell commands including the codex CLI and utility functions like mktemp, grep, and tail. It employs strong security practices such as umask 077 to ensure temporary files are created with restrictive permissions and uses mktemp to prevent predictable filename attacks.- [COMMAND_EXECUTION]: Implements defensive input validation by enforcing a strict regex (^[A-Za-z0-9._-]+$) on user-provided model names before they are used in shell commands, effectively mitigating potential command injection.- [EXTERNAL_DOWNLOADS]: References the @openai/codex package for installation via npm. As this originates from a well-known and trusted service provider (OpenAI), it is considered a legitimate dependency for the skill's functionality.- [DATA_EXFILTRATION]: Transmits the implementation plan and codebase context to OpenAI's servers for processing. This behavior is consistent with the skill's documented purpose of performing external code reviews.- [PROMPT_INJECTION]: Protects against indirect prompt injection (malicious instructions in model output) by using structural isolation; it extracts the verdict token using tail and grep -x (exact match) on the final lines of the response file, preventing the model from hijacking the control flow earlier in its response.

codex-review