codex-auth

DEPRECATED shim skill for /codex_auth. Use codex-profiler instead; codex-auth is no longer the maintained path.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "codex-auth" with this command: npx skills add deadlysilent/codex-auth

⚠️ Deprecated: codex-auth is no longer maintained as a standalone skill. Use codex-profiler for all ongoing /codex_auth and /codex_usage operations.

Run scripts/codex_auth.py to generate a login URL and apply callback URL tokens to auth-profiles.json.

Safe defaults

  • Treat callback URLs/tokens as sensitive and never echo full values.
  • Use queued apply flow for controlled restart behavior.
  • See RISK.md for allowed/denied operation boundaries.

Commands

  • /codex_auth → selector (discovered profiles)
  • /codex_auth <profile>
  • /codex_auth finish <profile> <callback_url>

Interaction adapter

  • If inline buttons are supported: show selector buttons.
  • If inline buttons are not supported: send text fallback (default | <profile>).
  • Callback message handling must never echo full callback URLs (treat as sensitive).
  • Use callback_data namespace prefix codex_auth_* to avoid collisions.

How to run

Start flow:

python3 skills/codex-auth/scripts/codex_auth.py start --profile default

Finish flow (after browser redirect URL is pasted):

python3 skills/codex-auth/scripts/codex_auth.py finish --profile default --callback-url "http://localhost:1455/auth/callback?code=...&state=..."

Queue safe apply (stops/restarts gateway in background):

python3 skills/codex-auth/scripts/codex_auth.py finish --profile default --callback-url "http://localhost:1455/auth/callback?code=...&state=..." --queue-apply
python3 skills/codex-auth/scripts/codex_auth.py status

Safety posture

  • No remote shell execution (curl|bash, wget|sh) is allowed by this skill.
  • No sudo/SSH/system package mutation is performed by this skill.
  • OAuth callback URLs are sensitive: never echo full callback URLs or tokens in chat output.
  • Writes are limited to auth profile state files with lock-based coordination.

Notes

  • Uses the same OpenAI Codex OAuth constants/method as OpenClaw onboarding (auth.openai.com + localhost callback).
  • OAuth success here does not guarantee chatgpt.com/backend-api/wham/usage acceptance; usage endpoint may reject token/session format with 401 and should be handled by usage/profiler skills.
  • Endpoint trust boundary: OpenAI auth hosts + localhost callback flow only; do not send callbacks/tokens to third-party hosts.
  • Writes ~/.openclaw/agents/main/agent/auth-profiles.json with file locking to reduce race risk while gateway is running.
  • Profile IDs map as:
    • default -> openai-codex:default (or first discovered codex profile if default missing)
    • any other selector -> openai-codex:<selector>
  • Pending auth state is stored in /tmp/openclaw/codex-auth-pending.json.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Coding

Miaoji Asin Clinic Pro

亚马逊ASIN诊所Pro版,90天行动计划+竞品对标+季节性优化日历。 从合规度、广告度、评论度、视觉度、内容度五维升级为可执行的长期作战方案。 基础功能可使用 miaoji-asin-clinic 免费版。

Registry SourceRecently Updated
00wangm-a3
Coding

wechat-publish-pro

Pure Python tool to convert Markdown to styled HTML and publish articles to WeChat official account drafts with AI-based content refinement and theme support.

Registry SourceRecently Updated
00yuesf
Coding

Miaoji Asin Clinic

基于ASIN和品类,快速诊断亚马逊Listing五维健康指数并智能排序修复优先级,提供详细分析与个性化修复方案。

Registry SourceRecently Updated
360wangm-a3
Coding

Toonany

A Claude Code skill for creating AI-generated short dramas (漫剧) from novels and stories. Use when user mentions "漫剧创作", "小说转剧本", "分镜生成", "短剧制作", "故事线生成", "大纲...

Registry SourceRecently Updated
421casperkwok