Trust Assessment
codex received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Shell Command Injection via User Prompt Interpolation.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on July 1, 2026 (commit a4d31ad1). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Shell Command Injection via User Prompt Interpolation The skill instructions direct the LLM to construct shell commands by interpolating the user's prompt directly into an 'echo' command (e.g., `echo "your prompt here" | codex exec ...`). If the user's prompt contains shell metacharacters, double quotes, or command substitutions (such as $(...) or backticks), it can lead to arbitrary command execution on the host system. Avoid passing user input via shell interpolation. Instead, pass the user prompt to the command's standard input using a secure process execution API that does not invoke a shell, or write the prompt to a temporary file and redirect stdin safely. | LLM | SKILL.md:14 |
Scan History
Embed Code
[](https://skillshield.io/report/49b1f24d0022639b)
Powered by SkillShield