run-research-and-save-files-by-codex

Fail

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes the codex exec command to carry out research tasks. The technical documentation in references/codex-exec-contract.md specifies running it with the --dangerously-bypass-approvals-and-sandbox flag. That flag disables both the approval prompts and the execution sandbox, so every command the model generates runs unreviewed, with the invoking user's privileges and filesystem access.
  • [REMOTE_CODE_EXECUTION]: The core mechanism of the skill is that the orchestrator (Claude) generates prompts which a subprocess (codex) then executes. Model-generated instructions are therefore carried out directly on the host system, and with the bypass flag above nothing between the prompt and the shell checks what runs. references/codex-exec-contract.md demonstrates this with a smoke test whose prompt defines arbitrary filesystem and text-processing tasks.
  • [EXTERNAL_DOWNLOADS]: The skill performs extensive web research, which means downloading content from untrusted external domains and then synthesising it. Fetched content enters the prompt context of both the research subprocesses and the orchestrating agent, so instructions hidden in a web page (indirect prompt injection) could steer what those agents do and, given the two findings above, what they execute.
  • [SAFE]: The installation instructions in INSTALL.md use the standard npx runner to add the skill from a known repository path (yigitkonur/skills-by-yigitkonur).
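The findings above reduce to a few textual signals in the skill's files: a `codex exec` invocation, the approval/sandbox bypass flag, and download or URL references. The pre-flight scanner below is an added example, not part of this Trust Hub report or of the skill; it scans a skill directory for those signals, tags hits with the report's finding names, and derives a verdict. The file suffix list, the scoring thresholds, the sample contract text, and the replacement flags in SAFER_FLAGS are this example's assumptions, not anything the report states.

```python
"""Pre-flight scan of an agent skill directory for codex-exec risk signals.

Added example, not part of the Trust Hub report or the audited skill.
Assumptions (not from the report): skill files are Markdown/shell/config
text, the sample contract below is constructed, and the scoring thresholds
in risk_level() are this example's own, not Trust Hub's published scoring.
"""
import re
import tempfile
from pathlib import Path

BYPASS_FLAG = "--dangerously-bypass-approvals-and-sandbox"
# Safer replacement: keep a sandbox and require approval for untrusted
# commands. Flag names are assumed from `codex exec --help`; verify them
# against the installed Codex CLI version before relying on this rewrite.
SAFER_FLAGS = "--sandbox workspace-write --ask-for-approval untrusted"

# Patterns keyed by the report's finding tags.
RULES = {
    "COMMAND_EXECUTION": re.compile(r"\bcodex\s+exec\b"),
    "EXTERNAL_DOWNLOADS": re.compile(
        r"\b(?:curl|wget|Invoke-WebRequest)\b|https?://\S+"
    ),
}
SKILL_FILE_SUFFIXES = {".md", ".sh", ".txt", ".yaml", ".yml", ".json"}

# Constructed sample standing in for references/codex-exec-contract.md.
CONSTRUCTED_CONTRACT = """\
# codex-exec-contract (constructed sample, not the skill's real file)
Run research with:
    codex exec --dangerously-bypass-approvals-and-sandbox "$PROMPT"
Fetch sources with curl https://example.invalid/page before summarising.
"""


def scan_text(text, source="<memory>"):
    """Return findings for one file as (tag, source, line_no, line) tuples."""
    findings = []
    for no, line in enumerate(text.splitlines(), start=1):
        # The bypass flag is reported on its own, whatever else matches.
        if BYPASS_FLAG in line:
            findings.append(("SANDBOX_BYPASS", source, no, line.strip()))
        for tag, pattern in RULES.items():
            if pattern.search(line):
                findings.append((tag, source, no, line.strip()))
    return findings


def scan_skill(root):
    """Scan every text-like file under a skill directory."""
    root = Path(root)
    files = sorted(
        p for p in root.rglob("*")
        if p.is_file() and p.suffix in SKILL_FILE_SUFFIXES
    )
    findings = []
    for path in files:
        text = path.read_text(encoding="utf-8", errors="replace")
        findings.extend(scan_text(text, str(path.relative_to(root))))
    return findings


def risk_level(findings):
    """Bypass flag present -> HIGH; exec or downloads only -> MEDIUM; else LOW."""
    tags = {f[0] for f in findings}
    if "SANDBOX_BYPASS" in tags:
        return "HIGH"
    if tags & {"COMMAND_EXECUTION", "EXTERNAL_DOWNLOADS"}:
        return "MEDIUM"
    return "LOW"


def harden_command(command):
    """Swap the bypass flag for a sandboxed, approval-gated invocation."""
    return command.replace(BYPASS_FLAG, SAFER_FLAGS)


if __name__ == "__main__":
    # Write the constructed contract into a throwaway skill layout and scan it.
    with tempfile.TemporaryDirectory() as tmp:
        refs = Path(tmp, "references")
        refs.mkdir()
        (refs / "codex-exec-contract.md").write_text(CONSTRUCTED_CONTRACT)
        results = scan_skill(tmp)
        for tag, src, no, line in results:
            print(f"[{tag}] {src}:{no}: {line}")
        print("Risk Level:", risk_level(results))
        for _, _, _, line in results:
            if BYPASS_FLAG in line:
                print("Suggested:", harden_command(line))
```

Running the script against the constructed contract reports a COMMAND_EXECUTION hit and a SANDBOX_BYPASS hit on the codex line, an EXTERNAL_DOWNLOADS hit on the curl line, and a HIGH verdict, which is the shape of the report above. The scanner is deliberately literal: it will miss a flag assembled at runtime or a download performed by a library call, so treat a LOW result as "nothing obvious" rather than as clearance.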
Recommendations
  • AI review detected serious security threats. Before use, review references/codex-exec-contract.md and remove or explicitly justify the --dangerously-bypass-approvals-and-sandbox flag, and treat all fetched web content as untrusted input to the research prompts.
Audit Metadata
Risk Level
HIGH
Analyzed
May 19, 2026, 04:09 PM
Security Audit — agent-trust-hub — run-research-and-save-files-by-codex