Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
OpenAI Codex Operator
v1.0.1
Run OpenAI Codex CLI from OpenClaw for coding tasks in a target project directory. Use when the user asks OpenClaw to use Codex for implementation, debugging...
⭐ 2· 1.1k·1 current·2 all-time
by saiph@cecwxf
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the contents: SKILL.md, references, and example script all describe running the Codex CLI (codex / codex exec) in a specified workdir. No unrelated binaries, env vars, or config paths are requested.
Instruction Scope
Instructions stay within the stated purpose (running Codex in a target repo, foreground/background modes, polling). They do not instruct reading arbitrary system files or unrelated credentials. Note: the skill does not provide guidance about avoiding sending secrets to Codex — the CLI may transmit repository contents to OpenAI during its operation, so users should be warned to scrub sensitive data before running.
Install Mechanism
No install spec is provided (instruction-only), and the included script only instructs installing the official npm package (@openai/codex) if codex is missing. There are no downloads from untrusted URLs or extract actions.
Credentials
The skill declares no required environment variables or credentials. It does mention Codex/CLI authentication in references (ChatGPT login or API key), which is expected for this integration and is not requested by the skill itself.
Persistence & Privilege
The skill does not request always:true, does not modify other skills or global agent settings, and has no install-time persistence. Autonomous invocation is allowed (platform default) but is not combined with other concerning privileges.
Assessment
This skill appears to do only what it claims: run the local Codex CLI against a repository. Before installing or invoking it, ensure you understand that the Codex CLI will contact OpenAI and may send repository contents (including secrets or PII) to OpenAI; remove or redact sensitive files or use a sanitized checkout. Also confirm you trust the locally installed `@openai/codex` package and its authentication mechanism (ChatGPT login or API key) before granting access.
Like a lobster shell, security has layers — review code before you run it.
