codex-mcp-dev

v1.0.0

Use the local Codex CLI through mcporter and codex-mcp-server for real coding work in the current project. Use when the user asks to build features, fix bugs...

⭐ 0· 322·0 current·0 all-time

byqiucen@hollywood3

Security Scan

VirusTotal

Benign

View report →

OpenClaw

Suspicious

medium confidence

Purpose & Capability

The description and SKILL.md describe a local Codex wrapper that communicates via mcporter -> codex-mcp-server -> codex, which matches the included script. However the registry metadata claims no required binaries/env but the script and README explicitly depend on mcporter, codex, and codex-mcp; that mismatch is incoherent and should have been declared.

ℹ

Instruction Scope

Instructions and the script stay within the claimed domain (sending prompts to a local Codex MCP server, targeting a repo via --cwd). They explicitly allow reading prompt files or stdin and can direct Codex to perform workspace-write actions. Reading files supplied via --prompt-file or running full-auto writes to the repo are expected but present an obvious data/exfiltration and integrity risk if the skill or MCP server is untrusted.

✓

Install Mechanism

There is no external install step; the skill is instruction-only plus a small wrapper script. No remote downloads or package installs are declared, so nothing arbitrary is written to disk by an installer. (The script does call local binaries at runtime.)

✓

Credentials

The skill does not request environment variables, credentials, or config paths in metadata. The code also does not read secrets from environment variables. This is proportionate to its purpose.

ℹ

Persistence & Privilege

always:false (normal). The skill and script can instruct the local Codex to modify the workspace (via full-auto / workspace-write), which is expected for a developer helper but increases blast radius if the MCP server or skill is malicious. The skill does not request permanent platform-level privileges.

What to consider before installing

This wrapper appears to be what it claims (a local Codex/mcporter helper) but exercise caution before installing: 1) the registry metadata should have listed required binaries (mcporter, codex, codex-mcp) — verify those are present and local. 2) The skill can be asked to read arbitrary files (--prompt-file/ stdin) and to make workspace writes (full-auto), so only run it against repositories you trust or a disposable clone. 3) Run python3 scripts/codex_mcp.py doctor to verify mcporter config and binary discovery. 4) Because the source/homepage is unknown, prefer not to enable autonomous invocation for this skill without additional vetting; inspect the mcporter server (codex-cli) implementation and mcporter config before granting it access to real projects.

Like a lobster shell, security has layers — review code before you run it.

latestvk97ccfyp2e6ra8zt94t7s5k6zn82jw0v

322downloads

0stars

1versions

Updated 6h ago

v1.0.0

MIT-0

Codex MCP Dev

Use the local Codex installation through the wrapper script at {baseDir}/scripts/codex_mcp.py. This gives a stable path:

OpenClaw → mcporter → codex-mcp-server → local codex

Quick Setup

Install prerequisites first:

mcporter
local codex
codex-mcp

Create the project MCP entry if config/mcporter.json does not exist yet:

mcporter config add codex-cli --scope project --command codex-mcp

This skill expects a workspace-local MCP server named codex-cli.

Workflow

Use this skill for non-trivial coding tasks.
If it is the first use in a session or something looks broken, run:
- python3 {baseDir}/scripts/codex_mcp.py doctor
Choose a mode:
- Analysis / planning / explanation: use ask without --full-auto
- Implementation / refactor / test-writing: use ask --full-auto
Always set --cwd to the target repo or project directory.
Give Codex a concrete prompt with files, constraints, and acceptance criteria.
After Codex responds, inspect files and run local tests yourself when feasible instead of trusting the tool output blindly.
Summarize changes, tests run, and any remaining risks.

Good Uses

Implementing features across multiple files
Fixing bugs with real repo context
Refactoring with constraints
Writing or updating tests
Debugging failing commands or stack traces
Asking local Codex for a second implementation pass or review

Command Patterns

Health check

python3 {baseDir}/scripts/codex_mcp.py doctor

Version info

python3 {baseDir}/scripts/codex_mcp.py version

Normal implementation

python3 {baseDir}/scripts/codex_mcp.py ask \
  --cwd /absolute/path/to/repo \
  --full-auto \
  --prompt "Implement the requested change, update tests, and summarize what changed."

Read-only analysis

python3 {baseDir}/scripts/codex_mcp.py ask \
  --cwd /absolute/path/to/repo \
  --sandbox-mode read-only \
  --approval-policy never \
  --prompt "Explain the bug, identify likely root cause, and propose the smallest safe fix."

Long prompt from file

python3 {baseDir}/scripts/codex_mcp.py ask \
  --cwd /absolute/path/to/repo \
  --full-auto \
  --prompt-file /tmp/codex-task.txt

Prompting Rules

Include as many of these as possible:

Target files or directories
Desired behavior
Exact error messages or failing tests
Constraints on scope
Required test updates
Expected output format

Prefer prompts like:

"Fix the failing test in tests/api.test.ts without changing public behavior. Run the relevant tests and summarize the root cause."
"Refactor src/cache.py for readability, keep behavior identical, and add regression tests for TTL edge cases."
"Review the auth flow in server/ and identify the top 3 correctness risks with concrete file references."

Guardrails

Prefer --full-auto for ordinary implementation work.
Do not use --yolo unless the user explicitly wants aggressive execution.
Use repo-specific --cwd; do not run against the wrong directory.
Validate with local reads/tests when possible.
If the task is tiny or surgical, skip this skill and edit directly.

Comments

Loading comments...