codex-code-review

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @openai/codex CLI package. This package is provided by a trusted organization and is a standard requirement for the skill's functionality.
  • [COMMAND_EXECUTION]: Utilizes common developer tools like git and the GitHub CLI (gh) to manage repository data and retrieve code differences.
  • [DATA_EXFILTRATION]: Sends code diffs and file contents to an external model via the codex CLI. This data transfer is core to the skill's purpose and involves a well-known service provider.
  • [PROMPT_INJECTION]: The skill processes code changes from pull requests and branches, which may contain untrusted content. This creates a surface for indirect prompt injection.
    • Ingestion points: Code diffs and file contents retrieved through git diff and gh pr view are passed into subsequent review prompts.
    • Boundary markers: The prompt for re-review does not use explicit delimiters or boundary instructions to isolate the untrusted code content from the analysis instructions.
    • Capability inventory: The agent has the ability to read and modify source files, read repository history, and interact with external APIs via gh and codex.
    • Sanitization: No specific sanitization or filtering is applied to the ingested code content before it is included in prompts for the model.
Audit Metadata
Risk Level: SAFE
Analyzed: May 2, 2026, 07:05 AM