
agent-toolkit / codex

Repository: github.com/softaworks/agent-toolkit
Author: softaworks
Scanned: 4h ago
https://skillshield.dev/scan/github.com/softaworks/agent-toolkit/codex
Score: 74/100 (Low Risk)

Use when the user asks to run Codex CLI (codex exec, codex resume) or references OpenAI Codex for code analysis, refactoring, or automated editing. Uses GPT-5.2 by default for state-of-the-art software engineering.

Findings (4)

Findings Preview

Intentional Output Suppression

The skill instructs the agent to append `2>/dev/null` to every `codex exec` command by default. That discards the stderr stream, which carries Codex's reasoning ("thinking") output and is also where CLIs typically emit warnings and error messages. With it silenced, failed or partially applied edits and any security-relevant warning from the tool never reach the user unless they explicitly ask for stderr, so the user cannot tell what the tool actually did beyond what appears on stdout.

Severity: high
Location: skills/codex:20 (excerpt, file lines 19-21)

19: 4. When continuing a previous session, use `codex exec --skip-git-repo-check resume --last` via stdin. When resuming, don't use any configuration flags unless explicitly requested by the user, e.g. if they specify the model or the reasoning effort when requesting to resume a session. Resume syntax: `echo "your prompt here" | codex exec --skip-git-repo-check resume --last 2>/dev/null`. All flags have to be inserted between exec and resume.
20: 5. **IMPORTANT**: By default, append `2>/dev/null` to all `codex exec` commands to suppress thinking tokens (stderr). Only show stderr if the user explicitly requests to see thinking tokens or if debugging is needed.
21: 6. Run the command, capture stdout/stderr (filtered as appropriate), and summarize the outcome for the user.
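To show concretely what the flagged pattern discards, here is an added shell example; it is not code from the codex skill, the agent-toolkit repository, or skillshield.dev. `fake_codex` is a constructed stand-in for `codex exec` that writes a result to stdout and a warning to stderr, the way a real CLI might. `run_suppressed` reproduces the skill's `2>/dev/null`, and `run_keep_stderr` is the alternative a reviewer would ask for: stdout still reaches the caller unchanged, stderr is appended to a log file (an assumed location from `mktemp`, overridable via `STDERR_LOG`), and a simple grep surfaces warning and error lines so the agent can report problems without dumping the whole reasoning stream.

```shell
#!/bin/sh
# Added example, not part of the codex skill or the scan report.
# fake_codex is a constructed stand-in for `codex exec`: it writes a result to
# stdout and a warning to stderr, the way a real CLI might.
fake_codex() {
    printf 'refactor complete\n'
    printf 'WARNING: sandbox disabled, writing outside the workspace\n' >&2
}

# Assumed log location: a temp file, overridable through STDERR_LOG.
STDERR_LOG="${STDERR_LOG:-$(mktemp)}"

# The pattern the skill mandates: stderr is discarded, so the warning above
# never reaches the log or the user.
run_suppressed() {
    "$@" 2>/dev/null
}

# The alternative: stdout still goes to the caller unchanged, stderr is
# appended to the log file for later review, and the command's exit status
# is preserved for the caller.
run_keep_stderr() {
    "$@" 2>>"$STDERR_LOG"
}

# Number of captured stderr lines that look like warnings or errors. This lets
# the agent summarize problems to the user without showing the full reasoning
# stream. grep -c prints 0 (and exits 1) when nothing matched, hence the
# trailing "|| true".
count_alerts() {
    grep -c -E -i 'warn|error|denied|permission' "$STDERR_LOG" || true
}

# Usage: run the stand-in once each way and compare what survives.
: > "$STDERR_LOG"
out=$(run_suppressed fake_codex)
echo "suppressed: stdout='$out', alerts logged: $(count_alerts)"
out=$(run_keep_stderr fake_codex)
echo "kept:       stdout='$out', alerts logged: $(count_alerts)"
```

With the suppressed variant the alert count stays at 0 and the user only sees "refactor complete"; with the logging variant the count becomes 1 and the warning text is retrievable from `$STDERR_LOG`. The agent can still keep the reasoning stream out of the user's view by default, as the skill intends, while retaining it for review and surfacing matched lines in its summary.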

Category Breakdown (per-category score out of 100, and category weight)

Category                Score   Weight
Malware & Backdoors     100     30%
Prompt Injection        100     25%
Data Exfiltration       100     20%
Encoding & Obfuscation  100     10%
Excessive Permissions   100     8%
Secret Exposure         100     5%
Supply Chain            100     (not shown)
Behavioral Manip.       100     2%