OpenAI Codex Operator

Pass. Audited by ClawScan on May 1, 2026.

Overview

This skill is a straightforward wrapper for running OpenAI Codex on a project, but using it means Codex may modify and run code in the chosen repository under your OpenAI account.

Before installing, confirm you trust and have installed the official Codex CLI, sign in only with the intended OpenAI account or API key, run it only in the target repository, and review Codex output and file diffs before committing or deploying changes.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the wrong repository path or task is supplied, Codex could operate on the wrong project files.

Why it was flagged

The skill directs OpenClaw to use the exec tool to launch Codex. This is central to the skill's purpose and scoped by workdir, but it is still a powerful local tool invocation.

Skill content

Always run Codex through OpenClaw `exec` with `pty:true`.

Recommendation

Invoke it only for the intended repository, set an exact workdir, and review Codex logs and diffs before relying on changes.

What this means

Codex may run project commands such as tests or scripts and may change files in the selected repository.

Why it was flagged

The referenced behavior includes local code execution and file mutation. This is expected for a coding-agent operator, but it affects the user's local environment.

Skill content

Codex CLI runs locally in terminal and can read/change/run code in selected directory.

Recommendation

Use version control or backups, run it in the intended project, and review changes before committing or deploying.

Note (High Confidence)

ASI10: Rogue Agents

What this means

A Codex task may continue running after the initial command until it finishes or is stopped.

Why it was flagged

The skill supports long-running background Codex sessions. This is disclosed and includes tracking, so it is not hidden persistence, but users should notice it.

Skill content

For long tasks, use `background:true` and track via `process`.

Recommendation

Keep the returned session ID, poll logs, and stop the process if it is no longer needed.

What this means

Codex activity may use the user's OpenAI account or API key, including any account permissions, usage limits, or billing implications.

Why it was flagged

The skill relies on OpenAI/Codex account authentication. That is expected for this integration, and the artifacts do not show credential logging or hardcoded secrets.

Skill content

First run requires sign-in (ChatGPT account or API key).

Recommendation

Use the intended OpenAI account or API key, avoid exposing secrets in prompts or logs, and rotate credentials if they are accidentally disclosed.

What this means

The installed Codex CLI version and its updates are controlled outside this skill package.

Why it was flagged

The documentation points users to a global npm install for Codex, without a pinned version in this skill package. This is a normal setup path for the CLI but leaves package provenance/version management to the user.

Skill content

Install command: `npm i -g @openai/codex`

Recommendation

Install Codex from the official source, verify `codex --version`, and consider pinning or managing the package version in controlled environments.