The Agent Skills Directory

[COMMAND_EXECUTION]: The skill instructs the agent to use common shell utilities like rg (ripgrep) to search through local memory indexes and session logs. This is used for project analysis and does not involve arbitrary command execution from untrusted sources.
[DATA_EXPOSURE]: The skill accesses local files related to agent history and configuration, specifically in ~/.codex and the repository's .agents or .codex folders. This access is internal to the agent's operating environment and is necessary for its stated purpose of auditing project workflows. No data is exfiltrated to external network locations.
[INDIRECT_PROMPT_INJECTION]: The skill is designed to process untrusted data (past session logs and raw JSONL files). However, its purpose is to audit and summarize this data for a human developer, and it lacks dangerous capabilities like automated network operations or privilege escalation that could be exploited by malicious content within those logs.

project-skill-audit