codex-skill-admin
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill script utilizes
subprocess.Popenandsubprocess.runto interact with thecodexcommand-line utility. These calls are used to start a local application server for skill management and to check the status of skill visibility within the agent's prompt. These operations are essential to the skill's documented administrative functions and do not involve untrusted inputs. - [SAFE]: The skill accesses local session logs and history files located in
~/.codex/sessionsto perform its usage audit. This allows it to identify which skills have been recently active. The analysis confirms that no data from these files is transmitted to external servers; all network communication is strictly limited to the loopback interface (127.0.0.1) for local JSON-RPC interaction.
Audit Metadata