Skill v1.0.0
ClawScan security
Codex Bridge · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 5, 2026, 3:50 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's files, scripts, and runtime instructions are coherent with its stated purpose of driving a local 'codex' CLI from OpenClaw and do not request unrelated credentials or hidden network endpoints.
- Guidance: This skill appears to do what it claims: run the local 'codex' CLI on a project directory and mediate clarifying Q&A via files under ~/.codex-bridge. Before installing, consider:
  1. Ensure you trust the local 'codex' CLI and its configuration/credentials (the bridge will invoke it in the chosen workdir and the CLI could read or modify files there).
  2. Run the bridge only against project directories you are willing to let the Codex CLI access; avoid pointing it at sensitive system paths or your home directory.
  3. Inspect or back up any files in the chosen workdir if you are worried about automated modifications.
  4. Logs and task state are stored in ~/.codex-bridge/tasks/; review or remove that directory if you uninstall.

  If you want additional assurance, run the scripts manually in a safe test repo and observe behavior before enabling them in production workflows.
Review Dimensions
- Purpose & Capability (ok): Name/description match the code and scripts: the bundle dispatches tasks to a local 'codex' CLI, requires python3 and codex binaries, stores state under ~/.codex-bridge, and manipulates files only within the declared task/workdir scope.
- Instruction Scope (ok): SKILL.md instructs the agent to dispatch, poll, ask/answer clarifying questions, and read results. The included bridge.py and helper scripts implement exactly those behaviors. The bridge reads/writes only under ~/.codex-bridge/tasks/<task-id>/ and launches the codex CLI in the specified workdir; it does not access unrelated system paths or external endpoints.
- Install Mechanism (ok): No install spec is provided (instruction-only with included scripts). Nothing is downloaded or written outside the skill's own task directory; no unexpected install sources are used.
- Credentials (ok): No environment variables or external credentials are required by the skill. Declared binary requirements (python3, codex) are appropriate for the functionality. Note: the codex CLI itself may require user credentials/config which are outside this skill's scope.
- Persistence & Privilege (ok): The skill does not request 'always: true', does not modify other skills or global agent settings, and keeps its state under ~/.codex-bridge. It runs background processes for dispatched tasks (normal for this purpose).
