Skill v1.1.0
ClawScan security
Codex Multi Subscription Auth Fallbacks · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Feb 17, 2026, 11:25 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's requests and actions (local Codex device-flow login, reading ~/.codex/auth.json, and writing OpenClaw's auth-profiles.json) align with its stated purpose, and the included script and docs show no external exfiltration or unexplained privileges.
- Guidance: The skill appears internally consistent and does what it says: it imports Codex OAuth sessions into OpenClaw and optionally configures a local cron job to auto-switch models. Before running it: (1) inspect the script you have and confirm it is byte-for-byte the one that will actually run; (2) back up ~/.codex/auth.json and your OpenClaw configs yourself (the script makes its own backups, but a manual copy is still recommended); (3) test with a non-production OpenAI account first; (4) make sure the official codex CLI (npm package) and node are installed, and do not run the script as root; (5) when enabling the cron job, replace the placeholders (<workspace>, the UUID, the timestamps) and verify the job only executes local commands in an isolated session. If you see any hidden network requests, or any difference between the displayed script and the one you run, stop and re-evaluate; that would change this assessment.
Review Dimensions
- Purpose & Capability: ok. Name/description (multi-provider Codex OAuth import + failover) match the included script and templates. The only sensitive accesses are the Codex CLI auth file and the OpenClaw auth-profiles file, both required to import OAuth tokens; no unrelated services or credentials are requested.
- Instruction Scope: ok. SKILL.md and the script stay within scope: they back up and temporarily clear ~/.codex/auth.json, run the codex device-flow login, parse tokens locally with Node, and write to OpenClaw's auth-profiles.json. The optional cron template only runs local commands and writes a local state file, as the documentation describes.
- Install Mechanism: ok. No install spec is present; this is instruction-only with a supplied script. The script requires the official codex CLI (npm) and node, which SKILL.md documents. Nothing is downloaded from arbitrary URLs or written into system-wide locations.
- Credentials: note. No environment variables or external credentials are requested. The script accesses sensitive OAuth tokens stored locally, which is necessary for the stated purpose. Users should be aware that these tokens are handled locally and that backups are created; the behavior is proportional but inherently sensitive.
- Persistence & Privilege: ok. always: false, and the skill does not request persistent platform privileges. It writes only to its declared OpenClaw auth-profiles path and creates timestamped backups; it does not modify other skills or system-wide agent settings.
