Openclaw Codex Collaboration
Security checks across malware telemetry and agentic risk
Overview
This is a guidance-only skill for coordinating Codex development runs, with disclosed local logging and no executable installer or hidden behavior.
Before installing, users should understand that this skill is meant to help an agent run Codex against local repositories and save local run records. Use it only for repositories where workspace-write Codex automation is acceptable, and review the saved logs because they may include prompts, diffs, and test output.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
62/62 vendors flagged this skill as clean.