Back to skill
Skillv1.0.1
VirusTotal security
Codex Sub Agents 1 · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
SuspiciousApr 29, 2026, 3:36 AM
- Hash
- 6532d4bc7c6d13e8de69f2b4f154b71d1c1868da6e54aee49ae34a2fe3bcf98a
- Source
- palm
- Verdict
- suspicious
- Code Insight
- Type: OpenClaw Skill Name: codex-sub-agents-1 Version: 1.0.1 This skill integrates the powerful 'codex' CLI tool, which is described as having 'full filesystem access' and can operate with 'danger-full-access' (full machine and network access) or `--yolo` (no approvals or sandbox) modes. The `SKILL.md` and `clawdbot-integration.md` files instruct the AI agent to use `codex exec` commands, frequently recommending the `--full-auto` flag, which allows unapproved workspace writes. This creates a significant prompt injection vulnerability, as a malicious prompt could lead to arbitrary code execution and file modification within the workspace without explicit user approval. Additionally, sensitive authentication tokens from `~/.codex/auth.json` are automatically synced.
- External report
- View on VirusTotal