Skills
skills/paulrberg/agent-skills/oracle-codex/Gen Agent Trust Hub

oracle-codex

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the codex command-line utility through a dedicated wrapper script (scripts/run-codex-exec.sh). This wrapper enhances security by validating the model against an allowlist and hardcoding the sandbox mode to read-only.\n- [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes external data like file contents and diffs.\n
  • Ingestion points: User queries and code context are interpolated into the prompt in SKILL.md (Step 2).\n
  • Boundary markers: The instructions do not specify explicit delimiters for demarcating untrusted context from instructions.\n
  • Capability inventory: The skill can execute complex code analysis tasks via the codex exec command.\n
  • Sanitization: There is no explicit sanitization of input data. However, the use of a single-quoted HEREDOC (<<'EOF') in the execution script is a robust mitigation that prevents shell-level command injection from malicious inputs.
Audit Metadata
Risk Level
SAFE
Analyzed
May 10, 2026, 05:19 AM