codex
Use when the user asks to run Codex CLI (codex exec, codex resume) or references OpenAI Codex for code analysis, refactoring, or automated editing. Uses GPT-5.2 by default for state-of-the-art software engineering.
86
83%
Does it follow best practices?
Impact
88%
4.00xAverage score across 3 eval scenarios
Advisory
Suggest reviewing before use
Security
1 medium severity finding. This skill can be installed but you should review these findings before use.
W013: Attempt to modify system services in skill instructions
What this means
The skill prompts the agent to compromise the security or integrity of the user’s machine by modifying system-level services or configurations, such as obtaining elevated privileges, altering startup scripts, or changing system-wide settings.
Why it was flagged
Attempt to modify system services in skill instructions detected (high risk: 0.85). The skill explicitly instructs bypassing safety checks ("Always use --skip-git-repo-check"), endorses broad access modes (`--sandbox danger-full-access`, `--full-auto`) and suppresses stderr, which together push the agent toward bypassing security mechanisms and taking high-impact actions on the host.
- Repository
- softaworks/agent-toolkit
- Commit
3027f20
- Audited
- Security analysis
Is this your skill?
If you maintain this skill, you can claim it as your own. Once claimed, you can manage eval scenarios, bundle related skills, attach documentation or rules, and ensure cross-agent compatibility.