codex-supergraph
Use when the user asks about token prices, charts, holders, trending tokens, pair data, prediction markets, or any on-chain analytics from Codex. Also use wh...
MIT-0 · Free to use, modify, and redistribute. No attribution required.
⭐ 0 · 65 · 0 current installs · 0 all-time installs
byNeal O'Grady@nealo
MIT-0
Security Scan
OpenClaw
Suspicious
medium confidencePurpose & Capability
Name, description, and all instructions consistently target Codex GraphQL (https://graph.codex.io/graphql) and on-chain analytics; the operations, subscriptions, and examples match the stated purpose.
Instruction Scope
Instructions are instruction-only examples (curl, GraphQL, TypeScript, websocket) and mainly scoped to calling the Codex API. However the docs also advise writing local config files (e.g., .vscode/mcp.json, ~/.codeium/windsurf/mcp_config.json) and point to a docs MCP server; that recommends touching user config paths beyond mere API calls and is out-of-band for a pure data-query skill.
Install Mechanism
No install spec or code files that would be downloaded/executed. Instruction-only skills are lowest-risk for install mechanisms.
Credentials
The SKILL.md repeatedly uses an environment variable ($CODEX_API_KEY / process.env.CODEX_API_KEY) for Authorization, but the skill metadata declares no required environment variables or primary credential. This omission is inconsistent and means the skill's runtime expectations (an API key) are not declared up front.
Persistence & Privilege
No elevated persistence requested (always:false). The skill does not request to modify other skills or system/global settings beyond recommending files to add for tooling.
What to consider before installing
This skill is documentation and query templates for the Codex GraphQL API and appears to do what it says — build and run GraphQL queries/subscriptions. Before installing or using it:
- Treat the CODEX_API_KEY as sensitive: the SKILL.md expects an API key (used in examples) but the skill metadata does not declare it as required; ensure the platform will store/handle the key securely and do not paste raw keys into chat. Verify where the agent will read the env var from.
- Review any suggested config file changes (e.g., .vscode/mcp.json, ~/.codeium/windsurf/mcp_config.json) before applying them; these write to user config locations and could alter tooling behavior.
- Confirm you expect network calls to https://graph.codex.io/graphql and wss://graph.codex.io/graphql and that those endpoints are the intended destination for your data/queries.
- Be cautious with subscriptions/streams (e.g., launchpad firehose, high-frequency price feeds) as they can be high-volume; prefer backend-side proxying if you intend heavy use.
- If the skill references a codex-gateway or other payment flow, inspect that skill separately before allowing it to run payment flows on your behalf.
If you want to proceed, ask the publisher to update the skill metadata to declare CODEX_API_KEY as a required credential (or explicitly mark it optional) so the platform can present the prompt and handle the secret securely.Like a lobster shell, security has layers — review code before you run it.
Current versionv1.0.0
Download ziplatest
License
MIT-0
Free to use, modify, and redistribute. No attribution required.
SKILL.md
Codex Supergraph Data
Authentication
Pass $CODEX_API_KEY in the Authorization header if available. If the server returns 402 Payment Required, use the codex-gateway skill to handle the payment flow.
If both a local and global copy of this skill exist, the local copy takes precedence.
Summary
Use this skill to produce valid Codex GraphQL requests using API key authentication.
| HTTP endpoint | https://graph.codex.io/graphql |
| WebSocket endpoint | wss://graph.codex.io/graphql |
| Schema (SDL) | https://graph.codex.io/schema/latest.graphql |
| Introspection JSON | https://graph.codex.io/schema/latest.json |
| API-key auth | Authorization: <key> or Authorization: Bearer <token> |
Session preflight (required)
Run once and cache:
curl -sS https://graph.codex.io/graphql \
-H "Content-Type: application/json" \
-H "Authorization: $CODEX_API_KEY" \
--data-binary '{"query":"query GetNetworks { getNetworks { id name } }"}'
Use network IDs from this result before expensive requests.
Operation selection
| Need | Operation |
|---|---|
| Networks | getNetworks |
| Token discovery/search | filterTokens |
| Trending tokens | filterTokens with trendingScore24 ranking |
| Token prices | getTokenPrices |
| Pairs for a token | listPairsWithMetadataForToken |
| Pair metadata | pairMetadata |
| Pair OHLCV | getBars |
| Token OHLCV | getTokenBars |
| Token events | getTokenEvents |
| Maker events | getTokenEventsForMaker |
| Wallet leaders | filterTokenWallets |
| Wallet chart/stats | walletChart, detailedWalletStats |
| Holders | holders |
| Top-10 concentration | top10HoldersPercent |
| Live single price | onPriceUpdated |
| Live multi-price | onPricesUpdated |
| Live token events | onTokenEventsCreated, onEventsCreatedByMaker |
| Live bars/pairs | onBarsUpdated, onPairMetadataUpdated, onTokenBarsUpdated |
| Launchpad streams | onLaunchpadTokenEventBatch, onLaunchpadTokenEvent |
| Unconfirmed Solana events | onUnconfirmedEventsCreated |
| Short-lived keys | createApiTokens, apiTokens, apiToken, deleteApiToken |
| Prediction event discovery | filterPredictionEvents |
| Prediction market discovery | filterPredictionMarkets |
| Prediction event detail | detailedPredictionEventStats |
| Prediction market chart | predictionMarketBars |
| Prediction multi-market chart | predictionEventTopMarketsBars |
| Prediction event chart | predictionEventBars |
| Prediction trades | predictionTrades |
| Prediction token holders | predictionTokenHolders |
| Prediction categories | predictionCategories |
| Prediction trader leaderboard | filterPredictionTraders |
| Prediction trader profile | detailedPredictionTraderStats |
| Prediction trader positions | filterPredictionTraderMarkets |
| Prediction trader chart | predictionTraderBars |
Default discovery path: start with filterTokens.
Rules
- Never print raw API keys.
- Validate
networkIdfirst. - Keep selection sets minimal until shape is confirmed.
- Use
onPricesUpdatedinstead of many single-token subscriptions.
References
| File | Purpose |
|---|---|
| references/gotchas.md | Common failure points — check here first |
| references/query-templates.md | Query + websocket templates with examples |
| references/endpoint-playbook.md | Operation selection heuristics by intent |
| references/apis.md | Endpoint/auth matrix, pagination, rate limits |
| references/prediction-markets.md | Prediction market queries — events, markets, traders, charts |
| references/tooling-and-mcp.md | Codex Docs MCP setup for coding tools |
Files
7 totalSelect a file
Select a file to preview.
Comments
Loading comments…