subagent-driven-codex
Warn
Audited by Socket on Jun 24, 2026
1 alert found:
AnomalyAnomalySKILL.md
LOWAnomalyLOW
SKILL.md
SUSPICIOUS: the skill's behavior is largely aligned with its stated orchestration purpose, but it materially increases risk by delegating code and plan context to an external Codex bridge, granting broad write access to autonomous reviewer sessions, and depending on another skill as a trust boundary. This looks like a risky external-agent workflow rather than malware.
Confidence: 84%Severity: 61%
Audit Metadata