run-codex-bridge

SUSPICIOUS: the skill’s purpose is coherent, but its trust model is weak because it asks the agent to install and rely on a third-party codex-worker CLI via curl|bash from a personal GitHub publisher. The main risk is supply-chain and opaque credential/data handling inside the external tool, not obvious malicious instructions in the skill itself.