principle-type-system-discipline
Warn
Audited by Gen Agent Trust Hub on Jul 10, 2026
Risk Level: MEDIUMPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill includes a set of 'overrides' intended to be applied before the original workflow. These instructions attempt to hijack the agent's behavior, forcing it to use specific models (like 'Codex gpt-5.6-sol') and custom delegation logic instead of default system settings.
- [COMMAND_EXECUTION]: The skill explicitly instructs the agent to launch external workers and execute commands using scripts such as 'spawn-codex-worker' or through 'direct codex exec'. Running unverified external processes can lead to arbitrary code execution on the host system, as the contents of these scripts or binaries are not defined within the skill.
Audit Metadata