Codex Conductor
Pass
Audited by ClawScan on May 1, 2026.
Overview
No malicious behavior is evident; this is a transparent coding-workflow orchestrator, but it can run external coding agents in full-auto/background modes and store project workflow state.
Use this skill like you would use a powerful coding automation tool: start with gated mode for high-value repositories, keep changes in version control, review AGENTS.md and generated docs, and only enable full-auto/background execution for agents and projects you trust.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A coding agent may make project changes and run commands as part of the delivery workflow.
The helper can launch external coding-agent CLIs from the project root, including Codex full-auto mode. This is central to the skill's purpose, but it gives the selected agent practical ability to modify and test the project.
cmd = ["codex", "exec"] ... if args.full_auto: cmd.append("--full-auto") ... run(cmd, cwd=str(root))
Prefer gated mode for important or unfamiliar repositories, review generated prompts, and run in a clean version-controlled working tree.
Users may need to supply and trust their own installed coding-agent tools even though the registry metadata does not list them.
The registry metadata declares no required binaries, while the skill documentation and scripts use Python plus optional coding-agent CLIs. This is an under-declared dependency/provenance clarity issue, not evidence of hidden installation.
Required binaries (all must exist): none ... Primary credential: none
Install coding-agent CLIs only from official sources and confirm which agent will be used before allowing execution.
Project workflow files can shape future coding-agent decisions and should be treated as trusted project state.
The skill persists workflow instructions, gate state, and project context that future agent runs will rely on. This is expected for orchestration, but stale or edited project docs could influence later agent behavior.
This creates/updates: - `AGENTS.md` ... - `.orchestrator/status.json` ... - `.orchestrator/context.json`
Keep generated docs and .orchestrator files under review, especially before advancing gates or switching to autonomous mode.
A delegated agent can notify the orchestrator that work is ready for review.
The workflow instructs a delegated coding agent to signal OpenClaw through a gateway wake message. This is a disclosed handoff mechanism, but completion messages should not be treated as verification by themselves.
openclaw gateway wake --text 'Done: <gate> | task: <summary> | handoff: see docs/agent-handoff.md for CLI+Browser checks' --mode now
Treat wake messages as notifications only; verify the listed CLI, browser, and test evidence before accepting completion.
Long-running agent processes may continue working while the user is not actively watching.
The skill recommends background execution for long-running coding-agent work. This is disclosed and purpose-aligned, but background agents require monitoring so they do not continue beyond the intended task.
OpenClaw execution recommendation: - `pty:true` for interactive CLIs - `background:true` for long-running work
Use background mode only when needed, monitor running jobs, and stop any agent process that exceeds the intended task.
