Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

OpenAI Codex Sub Agents

Use OpenAI Codex CLI for coding tasks. Triggers: codex, code review, fix CI, refactor code, implement feature, coding agent, gpt-5-codex. Enables Clawdbot to delegate coding work to Codex CLI as a subagent or direct tool.

MIT-0 · Free to use, modify, and redistribute. No attribution required.
6 · 3.5k · 18 current installs · 19 all-time installs
Security Scan
VirusTotal: Suspicious
OpenClaw: Suspicious (high confidence)
Purpose & Capability
The skill claims to let Clawdbot delegate coding to the Codex CLI and all instructions are consistent with that purpose. However, it does not declare any required binaries or config paths even though it repeatedly instructs the agent to run the 'codex' CLI and to read/sync '~/.codex/auth.json'. The omission of a declared required binary (codex) and required config path is an inconsistency.
! Instruction Scope
SKILL.md instructs the agent to run codex commands (including --full-auto, sandbox 'danger-full-access', and MCP server modes), to read ~/.codex/auth.json, and to auto-sync tokens into Clawdbot's agent auth profiles. These steps involve reading local credentials, granting filesystem edits, and giving network access — broader scope than a simple 'code helper' and not limited or explicit about when to request user approval.
Install Mechanism
This is an instruction-only skill with no install spec or code files, so nothing is written to disk by the skill itself. That limits direct install risk. However, it instructs installing '@openai/codex' via npm which is a reasonable, traceable package instruction — the skill itself doesn't automate that install.
! Credentials
The skill declares no required environment variables but expects and recommends using ChatGPT/OpenAI auth stored in '~/.codex/auth.json' and syncing those tokens into '~/.clawdbot/agents/.../auth-profiles.json'. Recommending automatic copying of OAuth/API tokens without documenting that as a required config path or explaining safeguards is disproportionate and creates a credential-handling risk.
! Persistence & Privilege
always:false (normal), but the skill recommends auto-syncing tokens into Clawdbot config and modifying Clawdbot auth profiles. That is effectively modifying other agent configuration and moving credentials between tools — an elevated privilege and a persistent change to other agents' config that should be explicit and consented to.
What to consider before installing

  • Source provenance: there's no homepage or source repository. Confirm the skill's origin before trusting it.
  • Binary & config mismatch: the skill tells the agent to run the 'codex' CLI and to read ~/.codex/auth.json, but the skill metadata does not declare the codex binary or config paths; expect the agent to require local codex installation and access to your ~/.codex files.
  • Credential handling risk: the instructions explicitly recommend syncing Codex OAuth/API tokens into Clawdbot's agent auth profiles. That moves local credentials into another tool's config — only permit this if you trust both the Codex CLI installation and the skill owner.
  • Broad runtime privileges: the documentation encourages '--full-auto' and 'danger-full-access' sandboxes which allow file writes and network access. Avoid these options on untrusted repos or without manual approvals.
  • Mitigations: ask the publisher for source code or a homepage; install and test codex CLI in an isolated environment (container or VM); inspect ~/.codex/auth.json and Clawdbot auth files before and after onboarding; disable automatic auth-sync and perform token imports manually if you proceed; prefer read-only/sandboxed modes and require explicit approvals for writes or network access.

Given the missing provenance and the implicit credential/config operations, treat this skill as suspicious until you can verify the author and the exact mechanisms by which tokens and configuration are accessed and copied.

Like a lobster shell, security has layers — review code before you run it.

Current version: v1.0.0
latest: vk97ad5mrxgeg43pbd7g2vx8crx800bqx

SKILL.md

OpenAI Codex CLI Skill

Use OpenAI Codex CLI (codex) for coding tasks including code review, refactoring, bug fixes, CI repairs, and feature implementation. Codex CLI runs locally on your machine with full filesystem access.

When to Use

  • User asks for code changes, refactoring, or implementation
  • CI/build failures need fixing
  • Code review before commit/push
  • Large codebase exploration or explanation
  • Tasks requiring file editing + command execution
  • When GPT-5-Codex model strengths are needed (code generation, tool use)

Installation & Auth

Codex CLI requires a ChatGPT Plus/Pro/Business/Enterprise subscription.

# Install
npm i -g @openai/codex

# Authenticate (opens browser for OAuth)
codex login

# Or use API key
printenv OPENAI_API_KEY | codex login --with-api-key

# Verify auth
codex login status

Core Commands

Interactive Mode (TUI)

codex                           # Launch interactive terminal UI
codex "explain this codebase"   # Start with a prompt
codex --cd ~/projects/myapp     # Set working directory

Non-Interactive (Scripting)

codex exec "fix the CI failure"                    # Run and exit
codex exec --full-auto "add input validation"      # Auto-approve workspace writes
codex exec --json "list all API endpoints"         # JSON output for parsing
codex exec -i screenshot.png "match this design"   # With image input

Session Management

codex resume               # Pick from recent sessions
codex resume --last        # Continue most recent
codex resume <SESSION_ID>  # Resume specific session

Slash Commands (In TUI)

| Command | Purpose |
| --- | --- |
| /model | Switch model (gpt-5-codex, gpt-5) |
| /approvals | Set approval mode (Auto, Read Only, Full Access) |
| /review | Code review against branch, uncommitted changes, or specific commit |
| /diff | Show Git diff including untracked files |
| /compact | Summarize conversation to free context |
| /init | Generate AGENTS.md scaffold |
| /status | Show session config and token usage |
| /undo | Revert most recent turn |
| /new | Start fresh conversation |
| /mcp | List configured MCP tools |
| /mention <path> | Attach file to conversation |

Approval Modes

| Mode | Behavior |
| --- | --- |
| Auto (default) | Read/edit/run commands in workspace; asks for outside access |
| Read Only | Browse files only; requires approval for changes |
| Full Access | Full machine access including network (use sparingly) |

Key Flags

| Flag | Purpose |
| --- | --- |
| --model, -m <model> | Override model (gpt-5-codex, gpt-5) |
| --cd, -C <path> | Set working directory |
| --add-dir <path> | Add additional writable roots |
| --image, -i <path> | Attach image(s) to prompt |
| --full-auto | Workspace write + approve on failure |
| --sandbox <mode> | read-only, workspace-write, danger-full-access |
| --json | Output newline-delimited JSON |
| --search | Enable web search tool |

Clawdbot Integration Patterns

Pattern 1: Direct exec Tool

Call Codex from Clawdbot's exec tool for coding tasks:

# In Clawdbot session
exec codex exec --full-auto --cd ~/projects/medreport "fix the TypeScript errors in src/components"
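
An added example, not part of the skill or of Codex CLI: a pre-execution check an operator could place in front of the exec tool to flag codex command lines that widen access. The flag and sandbox names come from the Key Flags table; the function name, the policy defaults and the allow-list are assumptions.

```python
import os
import shlex

# Sandbox modes from the Key Flags table, least to most permissive.
SANDBOX_RANK = {"read-only": 0, "workspace-write": 1, "danger-full-access": 2}


def audit_codex_command(command, max_sandbox="workspace-write", allowed_roots=()):
    """Return policy findings for one codex command line; an empty list means allowed."""
    argv = shlex.split(command)
    if argv[:1] == ["exec"]:  # Pattern 1 prefixes the call with Clawdbot's exec tool
        argv = argv[1:]
    if argv[:1] != ["codex"]:
        return ["not a codex invocation"]
    # Normalise `--flag=value` to `--flag value` so both spellings are checked.
    args = []
    for tok in argv[1:]:
        args.extend(tok.split("=", 1) if tok.startswith("--") and "=" in tok else [tok])
    allowed = {os.path.normpath(r) for r in allowed_roots}
    findings = []
    it = iter(args)
    for tok in it:
        if tok == "--full-auto":
            findings.append("--full-auto: workspace writes are auto-approved")
        elif tok == "--sandbox":
            mode = next(it, None)
            if mode not in SANDBOX_RANK:
                findings.append(f"--sandbox: unknown or missing mode {mode!r}")
            elif SANDBOX_RANK[mode] > SANDBOX_RANK[max_sandbox]:
                findings.append(f"--sandbox {mode}: exceeds policy maximum {max_sandbox}")
        elif tok == "--add-dir":
            root = next(it, None)
            if root is None or os.path.normpath(root) not in allowed:
                findings.append(f"--add-dir {root}: writable root not on the allow-list")
        elif tok == "--search":
            findings.append("--search: web search tool enabled")
        elif tok == "mcp-server":
            findings.append("mcp-server: Codex tools exposed to other agents over stdio")
    return findings


if __name__ == "__main__":
    # Command lines based on this page, plus one constructed danger-full-access case.
    for cmd in [
        'codex exec "fix the CI failure"',
        'exec codex exec --full-auto --cd ~/projects/medreport "fix the TypeScript errors"',
        'codex exec --sandbox=danger-full-access "constructed example"',
        "codex --cd apps/frontend --add-dir ../backend --add-dir ../shared",
    ]:
        print(cmd, "->", audit_codex_command(cmd, allowed_roots=["../backend"]) or "allowed")
```

The allow-list comparison is a literal match after path normalisation, so relative roots must be written the same way they appear on the command line.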

Pattern 2: Subagent Delegation

Spawn a coding subagent that uses Codex:

// In agents.defaults or per-agent config
{
  agents: {
    list: [
      {
        id: "coder",
        workspace: "~/clawd-coder",
        model: "openai-codex/gpt-5.2",  // Uses Codex auth
        tools: {
          allow: ["exec", "read", "write", "edit", "apply_patch", "process"]
        }
      }
    ]
  }
}

Pattern 3: CLI Backend Fallback

Configure Codex as a text-only fallback:

{
  agents: {
    defaults: {
      cliBackends: {
        "codex-cli": {
          command: "codex",
          args: ["exec", "--full-auto"],
          output: "text",
          sessionArg: null  // Codex manages its own sessions
        }
      }
    }
  }
}

Pattern 4: MCP Server Mode

Run Codex as an MCP server for other agents:

codex mcp-server  # Exposes Codex tools via stdio MCP

Clawdbot Config: OpenAI Codex Provider

Use your ChatGPT Pro subscription via the openai-codex provider:

{
  agents: {
    defaults: {
      model: { primary: "openai-codex/gpt-5.2" },
      models: {
        "openai-codex/gpt-5.2": { alias: "Codex" },
        "anthropic/claude-opus-4-5": { alias: "Opus" }
      }
    }
  }
}

Auth syncs automatically from ~/.codex/auth.json to Clawdbot's auth profiles.
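
An added example, not code from the skill or from Clawdbot: because this sync copies credentials between tools, the script below records a hash and the permission bits of the credential files before and after onboarding and reports what changed, without printing any token. The paths are the ones named in the scan report above; the elided part of the Clawdbot path is handled by walking the directory, and all function names are assumptions.

```python
import hashlib
import os
import stat


def snapshot(paths):
    """Map each existing file to (sha256 of contents, permission bits)."""
    state = {}
    for path in paths:
        path = os.path.expanduser(path)
        if os.path.isfile(path):
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            state[path] = (digest, stat.S_IMODE(os.stat(path).st_mode))
    return state


def find_auth_profiles(root):
    """Walk root for files named auth-profiles.json, at any depth."""
    root = os.path.expanduser(root)
    return sorted(
        os.path.join(d, f)
        for d, _, files in os.walk(root)
        for f in files
        if f == "auth-profiles.json"
    )


def diff_snapshots(before, after):
    """Report created, removed and modified files, plus files readable by group or other."""
    findings = []
    for path in sorted(set(before) | set(after)):
        if path not in before:
            findings.append(f"created: {path}")
        elif path not in after:
            findings.append(f"removed: {path}")
        elif before[path][0] != after[path][0]:
            findings.append(f"modified: {path}")
        if path in after and after[path][1] & 0o077:
            findings.append(f"permissive mode {after[path][1]:o}: {path}")
    return findings


if __name__ == "__main__":
    watched = lambda: ["~/.codex/auth.json"] + find_auth_profiles("~/.clawdbot/agents")
    before = snapshot(watched())
    input("Run the onboarding step, then press Enter...")
    print("\n".join(diff_snapshots(before, snapshot(watched()))) or "no changes")
```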

Code Review Workflow

# Interactive review
codex
/review  # Choose: branch, uncommitted, or specific commit

# Non-interactive
codex exec "review the changes in this PR against main branch"

Multi-Directory Projects

# Work across monorepo packages
codex --cd apps/frontend --add-dir ../backend --add-dir ../shared

# Or in TUI
codex --cd ~/projects/myapp --add-dir ~/projects/shared-lib

Custom Slash Commands

Create reusable prompts in ~/.codex/prompts/:

<!-- ~/.codex/prompts/pr.md -->
---
description: Prepare and open a draft PR
argument-hint: [BRANCH=<name>] [TITLE="<title>"]
---

Create branch `dev/$BRANCH` if specified.
Stage and commit changes with a clear message.
Open a draft PR with title $TITLE or auto-generate one.

Invoke: /prompts:pr BRANCH=feature-auth TITLE="Add OAuth flow"

MCP Integration

Add MCP servers to extend Codex:

# Add stdio server
codex mcp add github -- npx @anthropic/mcp-server-github

# Add HTTP server
codex mcp add docs --url https://mcp.deepwiki.com/mcp

# List configured
codex mcp list

Web Search

Enable in ~/.codex/config.toml:

[features]
web_search_request = true

[sandbox_workspace_write]
network_access = true

Then Codex can search for current docs, APIs, etc.

Best Practices

  1. Start with /init to create AGENTS.md with repo-specific instructions
  2. Use /review before commits for AI code review
  3. Set /approvals appropriately — Auto for trusted repos, Read Only for exploration
  4. Use --add-dir for monorepos instead of danger-full-access
  5. Resume sessions to maintain context across coding sessions
  6. Attach images for UI work, design specs, error screenshots

Example Workflows

Fix CI Failure

codex exec --full-auto "The CI is failing on the lint step. Fix all ESLint errors."

Refactor Component

codex exec --cd src/components "Refactor UserProfile.tsx to use React Query instead of useEffect for data fetching"

Implement Feature from Spec

codex exec -i spec.png --cd ~/projects/app "Implement this feature based on the design spec"

Code Review PR

codex exec "Review the diff between main and feature/auth branch. Focus on security issues."

Troubleshooting

| Issue | Solution |
| --- | --- |
| Auth fails | Run codex logout then codex login |
| Commands blocked | Check /approvals, may need --full-auto |
| Out of context | Use /compact to summarize |
| Wrong directory | Use --cd flag or check /status |
| Model unavailable | Verify subscription tier supports model |
