← Back to Skills Marketplace
Codex Usage
by
DeadlySilent
· GitHub ↗
· v1.0.19
· MIT-0
507
Downloads
0
Stars
2
Active Installs
20
Versions
Install in OpenClaw
/install codex-usage
Description
Manual Telegram slash-style command for Codex profile status and usage checks. Use when the user sends /codex_usage, /codex_usage default, /codex_usage all,...
README (SKILL.md)
Deprecated wrapper: maintained implementation lives in
skills/codex-profiler/.
For /codex_usage* requests, follow ../codex-profiler/SKILL.md and run:
python3 skills/codex-profiler/scripts/codex_usage.py --profile all --format text
Usage Guidance
This skill is a thin wrapper that tells the agent to run a Python script located in another skill directory, but the wrapper package contains no code or install steps and declares no required binaries or API keys. Before installing or enabling it, ask the publisher for the referenced codex-profiler code and verify what that script does. Ensure python3 is the intended runtime, confirm any required environment variables (API keys) and inspect the script for network access or filesystem reads. If you cannot review the external script, avoid enabling the skill because it could execute arbitrary local code or access secrets unexpectedly.
Capability Analysis
Type: OpenClaw Skill
Name: codex-usage
Version: 1.0.19
The skill bundle is a deprecated wrapper designed to handle Telegram-style commands for checking OpenAI Codex profile usage. It instructs the agent to execute a local Python script (codex_usage.py) located in a sibling directory. No malicious logic, data exfiltration, or suspicious prompt-injection attempts were found in the provided files (SKILL.md, _meta.json).
Capability Assessment
Purpose & Capability
The skill is described as a simple Telegram-style command wrapper but its runtime instructions require running a Python script at skills/codex-profiler/scripts/codex_usage.py and following ../codex-profiler/SKILL.md. The package contains no code files and declares no required binaries, so the declared requirements do not match what the instructions actually ask the agent to do.
Instruction Scope
SKILL.md tells the agent to execute an external script and follow another skill's SKILL.md. That directs the agent to read and run files that are outside this skill's bundle; it is vague about what that script does (likely contacting APIs, reading configs, or using credentials). The instructions therefore extend beyond this skill's own scope and grant the agent broad discretion to access local files and run code.
Install Mechanism
There is no install spec (instruction-only), which is low-risk in general, but the runtime command explicitly invokes python3 on a relative script path. Without that script included or an install step to fetch it, the instruction either will fail or will run whatever file exists at that path — a potentially dangerous implicit dependency.
Credentials
The skill declares no required environment variables or credentials, yet its purpose (checking Codex/OpenAI profile usage) strongly suggests the invoked script would need API keys or other secrets. The SKILL.md does not document required env vars, creating a mismatch and risk of unexpected credential use or attempts to read secrets from the environment.
Persistence & Privilege
The skill is not always-enabled and does not request elevated persistence. There is no evidence it attempts to modify other skills' configuration or to persist credentials itself.
How to Use
- Make sure OpenClaw is installed (local or Docker)
- Run the install command in chat:
/install codex-usage - After installation, invoke the skill by name or use
/codex-usage - Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.19
Restore compatibility wrapper for /codex_usage that forwards to maintained codex-profiler implementation.
v1.0.18
Deprecation notice: standalone codex-usage is deprecated; users should migrate to maintained codex-profiler path.
v1.0.17
Fix delivery guidance: enforce same channel path for progress+final usage responses and NO_REPLY after tool-delivered final to avoid split replies.
v1.0.16
Consolidated strict newline output format: removed pipe separators and kept blank line between profile blocks.
v1.0.15
Switch strict output to newline-based profile blocks (no pipe separators) with blank-line spacing between profiles for improved readability.
v1.0.14
Improve strict visual output format with per-profile blocks, reset timestamps as dd/mm/yyyy, hh:mm, and explicit time-left formatting (x Days, y Hours, z Minutes) for 5h/week windows.
v1.0.13
Clarify remaining quota by appending 'left' to 5h/week percentage outputs in templated text and response contract.
v1.0.12
Add strict text renderer mode (--format text) with progress-first output and consistent templated profile lines (Usable/Limited/5h remaining/Week remaining) for slash-command adapters.
v1.0.11
Add consistent templated profile lines (Usable/Limited/5h/Week remaining), expose formatted_profiles/progress_message fields, and reinforce progress-first response behavior for slash command adapters.
v1.0.10
Fix endpoint reachability preflight so HTTP 401/403 are treated as reachable (allowing proper auth classification), and add output summary/suggested_user_message fields for cleaner slash-command responses.
v1.0.9
Handle WHAM endpoint auth failures explicitly: map 401 to auth_not_accepted_by_usage_endpoint, 403 to forbidden_by_usage_endpoint, keep local-health fallback, and add clearer operator notes that Codex CLI is not required for usage checks.
v1.0.8
Add RISK.md policy + safe-defaults section; clarify confirm/dry-run-first mutation posture and operation boundaries.
v1.0.7
Doc hardening: explicit safety posture (no remote shell exec, no sudo/SSH mutations, trusted endpoint allowlist, sensitive token handling).
v1.0.6
Safer delete flow: default detach-only mode (keeps token/profile), explicit --hard-delete for permanent removal, confirmation + backup retained.
v1.0.5
Add guarded profile-delete flow: explicit --confirm-delete preview gate + automatic timestamped backup before mutation; docs updated.
v1.0.4
Cross-channel UX update: selector/button fallback guidance, duplicate-request suppression guidance, callback namespace guidance, and security notes for private usage.
v1.0.3
Security hardening: endpoint host allowlist (HTTPS), unreachable endpoint fallback to local health-only, removed raw payload fallback, added output scrubbing, and SECURITY.md.
v1.0.2
Docs made generic: selector now references discovered profiles (no user-specific profile names).
v1.0.1
UX update: /codex_usage now requires selector-first behavior and sends an immediate 'Running Codex usage checks now…' progress message before results.
v1.0.0
Initial release: Telegram /codex_usage command with profile selector, Codex OAuth profile checks, usage windows with remaining %, and local-time reset formatting.
Metadata
Frequently Asked Questions
What is Codex Usage?
Manual Telegram slash-style command for Codex profile status and usage checks. Use when the user sends /codex_usage, /codex_usage default, /codex_usage all,... It is an AI Agent Skill for Claude Code / OpenClaw, with 507 downloads so far.
How do I install Codex Usage?
Run "/install codex-usage" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.
Is Codex Usage free?
Yes, Codex Usage is completely free, licensed under MIT-0. You can download, install and use it at no cost.
Which platforms does Codex Usage support?
Codex Usage is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).
Who created Codex Usage?
It is built and maintained by DeadlySilent (@deadlysilent); the current version is v1.0.19.
More Skills