Show HN: Codex skills as RE playbooks: unpacking and IOC extraction (www.joshuamckiddy.com)

A recent exploration of AI skills focuses on leveraging OpenAI Codex for reverse engineering tasks, proposing a system of modular playbooks that enhance repeatability and consistency in workflow. By treating skills as structured packages that define clear purposes and strict inputs/outputs, the approach aims to streamline reverse engineering processes without replacing human analysis. The significance of this approach lies in its ability to improve the efficiency of complex tasks, like unpacking malware and extracting indicators of compromise (IOCs), while enforcing guardrails to prevent unintentional execution of harmful code. The implementation of Codex's progressive disclosure feature is crucial, allowing it to load only necessary metadata initially, thus managing computational context effectively. Skills such as "re-unpacker" and "re-ioc-extraction" have been designed to produce tangible outputs, like unpacking reports and structured IOC tables, which are vital for cybersecurity analysts. The method's emphasis on static analysis and explicit engineer approval before any dynamic execution reduces risk during malware analysis, showcasing a practical way to balance automation with safety in sensitive environments.