building-codex-hooks
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions and Python script examples for executing local system commands (e.g.,
git rev-parse) and scripts stored within the repository's.codex/hooks/directory. This is the intended functionality for the hook system described. - [EXTERNAL_DOWNLOADS]: The documentation suggests using the
uvxtool to executecodhcandruff. This involves downloading and running packages from the Python Package Index (PyPI) to facilitate hook validation and linting tasks. - [PROMPT_INJECTION]: The hook architecture described in the skill is designed to ingest and process untrusted data, including user prompts and tool outputs (e.g., Bash command results). While the skill includes examples of defensive filtering—such as blocking destructive commands like
rm -rf—the processing of external content represents an inherent integration surface for indirect prompt injection.
Audit Metadata