Codex Claw

Pass

Audited by VirusTotal on May 3, 2026.

Overview

Type: OpenClaw Skill
Name: codex-claw
Version: 1.0.1

The codex-claw skill bundle provides instructions and CLI commands for installing and configuring a plugin to sync workspace context (AGENTS.md and SOUL.md) between OpenClaw and Codex Desktop. The SKILL.md file includes proactive safety guidance, advising users to review their context files for sensitive data like API keys or credentials before enabling the plugin. No evidence of malicious intent, data exfiltration, or obfuscation was found; the operations are consistent with the stated purpose of plugin management and configuration.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing the referenced package gives external plugin code a role in Codex Desktop context loading.

Why it was flagged

The reviewed artifact is instruction-only and directs users to install a separate runtime package, so the package provenance and contents need separate verification.

Skill content

This skill is the searchable setup and safety guide. The actual runtime is the OpenClaw code plugin package `@openclaw/codex-claw`.

Recommendation

Verify the downloaded package, inspect its contents, and prefer a pinned version instead of `latest` before installing.

What this means

Private memories, project conventions, or misleading instructions in those files could appear in every Codex session that uses the plugin.

Why it was flagged

The skill intentionally loads local AGENTS.md/SOUL.md context into Codex sessions, which can expose private notes or carry unsafe instructions if those files are not reviewed.

Skill content

Codex Desktop hooks read only the configured local paths at session time.

Recommendation

Review and scope AGENTS.md/SOUL.md before enabling them, remove secrets, and keep any personality or preference guidance clearly lower priority than system and user instructions.

Note
High Confidence
ASI10: Rogue Agents

What this means

Codex Desktop may continue loading the configured context in fresh sessions or after compaction, even after the original setup task is complete.

Why it was flagged

The setup enables persistent Codex plugin and hook behavior; this is disclosed and purpose-aligned, but it changes ongoing agent behavior until disabled.

Skill content

plugins = true
codex_hooks = true
plugin_hooks = true

[plugins."codex-claw@codex-claw"]
enabled = true

Recommendation

Only enable the hook after reviewing the context files, and keep a clear disable/uninstall plan for the Codex plugin configuration.