codex-review-fast
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The provided skill file consists of YAML metadata and markdown documentation. No scripts, executable instructions, or network requests to untrusted sources are present.
- [PROMPT_INJECTION]: The skill is designed to process external code diffs, which is an inherent surface for indirect prompt injection.
  1. Ingestion points: External code diffs and files (SKILL.md).
  2. Boundary markers: No delimiters or ignore instructions are specified in this entry-point file.
  3. Capability inventory: Read, Grep, Glob, and Bash commands.
  4. Sanitization: No sanitization logic is implemented in this wrapper.

  This attack surface is expected for the tool's intended use case and does not represent an implemented vulnerability.
Audit Metadata