Security risk report for @forgecat/openai_skills_develop-web-game v0.0.10
Source Integrity
Low
Profile is attributed to OpenAI with a public GitHub repository link and Apache-2.0 license.
Metadata includes commit hash and timestamp, consistent with legitimate upstream source tracking.
Agent Intent
Low
Content describes a legitimate web game development workflow using Playwright for testing and validation.
No instructions to ignore system prompts, read credentials, exfiltrate data, or execute remote payloads.
Guidance on game architecture (canvas, render_game_to_text, advanceTime hook) is standard best practice for deterministic testing, not poisoning.
Details
Evidence
Workflow steps 1–14 focus on iterative development, testing, and inspection.
Example commands and JSON payloads are for Playwright test automation, not malicious exfiltration.
No hidden instructions or role-hijacking language detected.
Permissions
Low
No tool definitions or hooks declared in the profile.
Skill description is scoped to web game development iteration (HTML/JS, Playwright testing).
Environment variables (CODEX_HOME, WEB_GAME_CLIENT, WEB_GAME_ACTIONS) are user-scoped and reference local skill paths, not system-wide or unrestricted access.
Details
Evidence
Skill paths are confined to ~/.codex/skills directory.
No shell, file_write, file_delete, or network tools requested.
Commands shown (node, npx) are standard development tools, not excessive agency.
MCP Risk
Low
No MCP servers defined in the profile.
No hidden instructions in tool descriptions or arbitrary binary execution.
Profile relies on local Playwright and Node.js, both standard development dependencies.
Details
Evidence
MCP servers section is empty.
Dependencies list shows 'None'.
Playwright client is a local script reference, not a remote or unknown binary.