codex-pet

Warn

Audited by Gen Agent Trust Hub on Jul 13, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides bash script templates designed to be executed by the agent which interpolate user-provided variables such as ${PET_NAME} and ${SOURCE_URL} directly into shell commands (e.g., mkdir -p "${DEST}", runcomfy run ...). This pattern is vulnerable to command injection if the agent does not properly sanitize these inputs before running the scripts.
  • [EXTERNAL_DOWNLOADS]: The skill documentation instructs the installation of several external dependencies, including the @runcomfy/cli NPM package, the imagemagick system utility, and an additional skill repository via npx skills add agentspace-so/runcomfy-agent-skills. These are third-party resources that are required for the skill to function.
  • [COMMAND_EXECUTION]: The skill performs extensive local file system operations, including creating directories and writing files to ${CODEX_HOME:-$HOME/.codex}/pets/. While this aligns with the skill's stated purpose of installing local assets, it involves performing write operations outside the skill's immediate working directory.
  • [CREDENTIALS_UNSAFE]: The skill refers to the management of a RUNCOMFY_TOKEN and notes that the CLI stores credentials in ~/.config/runcomfy/token.json. While it recommends secure file permissions, it highlights a dependency on sensitive API credentials stored on the local machine.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 13, 2026, 07:37 AM
Security Audit — agent-trust-hub — codex-pet