codex
Warn
Audited by Socket on Jun 16, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
This skill appears purpose-aligned and not overtly malicious: it is a thin wrapper around the official OpenAI Codex CLI. However, it is a high-impact orchestration surface because it allows unattended Codex turns with broad filesystem, command, network, and cross-worker function access, especially when `danger-full-access`, web search, or third-party MCP tools are enabled. Classify as benign in intent but high risk in operation.
Confidence: 100%Severity: 60%
Audit Metadata