skills/subinium/vibesubin/codex-fix/Gen Agent Trust Hub

codex-fix

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill uses restricted shell commands via the Bash tool, limiting execution to specific git operations (git diff, git log, git status, git rev-parse, git merge-base, git blame) and filesystem checks (ls, test). This prevents arbitrary command execution.
  • [SAFE]: It leverages the platform-native Task tool to invoke the codex:codex-rescue subagent. This is the intended integration method for the Codex plugin and does not involve unauthorized remote code execution.
  • [SAFE]: The skill implements a robust 'host requirement' check, verifying the existence of the Codex plugin directory and the availability of the subagent before proceeding. It includes a graceful fallback mechanism for incompatible environments.
  • [SAFE]: Data flow is handled securely by capturing raw output from the review subagent and passing it directly to a downstream verification tool (refactor-verify) without interpreting or executing the data as instructions within the wrapper itself.
  • [SAFE]: The skill explicitly warns against uncommitted changes to ensure context integrity, which is a defensive measure against ambiguous code review results.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 24, 2026, 06:34 PM