Codex Delegate
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This instruction-only skill routes code-heavy work to Codex in a coherent way while telling the main agent to keep final judgment; only normal delegation and data-sharing considerations apply.
This skill appears safe to install as an instruction-only routing aid. Before using it, be mindful that delegating to Codex may expose code, logs, or environment details to another agent context; keep tasks scoped, remove secrets, and review any proposed code changes before accepting them.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Codex may be asked to inspect or produce changes for project files, so the user should review diffs, risks, and tests before accepting the result.
The skill may route repository inspection and implementation work to Codex. This is aligned with the skill's purpose, but code changes or patch work should still be reviewed before use.
Codex:
- inspect repo
- implement subtask
- summarize diff, risks, tests
Keep delegated tasks narrow, require Codex to summarize changes and risks, and have the main agent or user validate before applying or relying on code changes.
Private code, package details, errors, or logs could be included in the context delegated to Codex.
The core workflow sends technical work to another agent. That is disclosed and purpose-aligned, but the artifacts do not define redaction or data-sharing boundaries for private repositories, logs, or environment details.
Delegate when the task is:
- code-heavy
- repo-heavy
- multi-file
- CLI-heavy
- deep review / audit work
...
3. If mainly technical execution, delegate the heavy part to Codex.
Delegate only the minimum necessary context, avoid including secrets in logs or files, and confirm before sharing sensitive private repository material with another agent.
