codex-agents

This skill is a legitimate orchestration document for automating Codex CLI agents, but it grants powerful autonomous capabilities that are disproportionate to simple coding tasks: it instructs the agent to edit, commit, and push repository code and to trigger external notifications. The biggest risks are autonomy abuse (automated edits/pushes), credential forwarding to installed CLIs, and possible data exfiltration via git pushes or notifications. The existence and documentation of `--yolo` (no approvals) is a particularly dangerous capability. If used, operators must ensure strict operational controls: limit scope to non-sensitive repos, require manual approvals before pushes, avoid `--yolo`, and audit OpenClaw notification channel configurations. Overall, this skill is not inherently malicious, but it is high risk if misused or run in sensitive environments.