Description

Use Codex CLI to run long-running coding tasks in the background with sandbox bypass, supporting git repos and automated test/build workflows.

README (SKILL.md)

codex-runner Skill

Name: codex-runner
Author: tianyn1990

描述

使用 Codex CLI 在后台长时间运行编码任务，不受 OpenClaw 会话限制。

⚠️ 重要：异步执行

此 skill 会立即返回，不阻塞主会话！

任务在后台独立运行，你可以：

继续与 OpenClaw 对话
发送新消息
查看日志进度

使用场景

需要 Agent 整夜写代码
长时间运行的大型项目开发
不希望 OpenClaw 会话超时导致任务中断

前提条件

已安装 Codex CLI (npm install -g @openai/codex)
配置好代理（翻墙）
目标目录需要是 git 仓库（git init）

命令

start

启动 Codex 后台任务（异步执行，不阻塞会话）

codex-runner start "实现一个 React TODO 应用" my-task /Users/tianyanan/my-project

参数：

$1: 任务描述
$2（可选）: 任务名称，用于日志文件命名，默认 codex-task
$3（可选）: 目标目录路径，默认当前目录

关键：必须使用 background=true 执行！

由于 OpenClaw 默认同步等待命令完成，你需要这样调用：

# 在 skill 命令中使用 background 参数

或者直接使用 sessions_spawn 创建独立子会话：

# 让 Codex 在独立会话中运行，不影响主会话

status

检查 Codex 进程状态

codex-runner status

log

查看任务日志

codex-runner log my-task

参数：

$1（可选）: 任务名称，默认 codex-task

stop

停止 Codex 任务

codex-runner stop

解决方案：使用 sessions_spawn

由于 OpenClaw 主会话执行 exec 会被阻塞，最佳方案是使用 sessions_spawn 创建独立子会话来运行 Codex。

使用方法

直接让 AI 助手（我）使用 sessions_spawn 启动任务：

# 我会这样执行：
sessions_spawn {
  "runtime": "subagent",
  "task": "在 ~/my-project 实现一个简单的 Hello World",
  "label": "codex-hello"
}

示例：启动 Codex 任务

你可以说："用 codex 在桌面创建 test 文件夹，里面放一个 hello.txt"

我会这样处理：

使用 sessions_spawn 创建独立子会话
子会话中运行 Codex 执行任务
主会话立即返回，继续响应你

旧版命令（会阻塞，仅作备用）

start（已不推荐）

# 使用 --dangerously-bypass-approvals-and-sandbox 完全跳过沙箱
TASK_NAME=${2:-codex-task}
TARGET_DIR=${3:-.}

nohup bash -c "
  cd '$TARGET_DIR'
  
  export https_proxy=http://127.0.0.1:8118
  export http_proxy=http://127.0.0.1:8118
  
  codex --dangerously-bypass-approvals-and-sandbox exec '$1'
" > ~/.codex-logs/codex-$TASK_NAME.log 2>&1 &

⚠️ 关键参数

必须使用 --dangerously-bypass-approvals-and-sandbox 才能写入文件：

codex --dangerously-bypass-approvals-and-sandbox exec '任务描述'

参数	说明
`--dangerously-bypass-approvals-and-sandbox`	完全跳过沙箱和审批（必须）
`exec`	非交互执行模式

⚠️ 注意

目标目录需要是 git 仓库（git init）
使用此参数会有安全风险，确保在安全环境下使用

开发任务模板（重要！）

建议在任务描述中包含以下流程要求：

codex-runner start "
实现一个用户管理系统，包含：
1. 用户增删改查 API
2. 用户列表页面

开发流程要求：
1. 先写单元测试，再写业务代码
2. 编码完成后执行单元测试：npm test
3. 如果单测失败，自动修复直到通过
4. 单测通过后执行构建：npm run build
5. 如果构建失败，自动修复直到通过
6. 单测和构建都通过后才算任务完成
" my-task /Users/tianyanan/my-project

开发流程规范

步骤	要求
1. 单元测试	先写测试，再写业务代码
2. 执行单测	`npm test` 或 `npm run test`
3. 修复单测	如果失败，自动修复直到通过
4. 执行构建	`npm run build`
5. 修复构建	如果失败，自动修复直到通过
6. 完成标志	单测 + 构建都通过

监控方法

# 查看进程
ps aux | grep codex | grep -v grep

# 实时日志
tail -f ~/.codex-logs/codex-my-task.log

# 检查完成标志
grep "已完成\|build\|test" ~/.codex-logs/codex-my-task.log

日志位置

默认: ~/.codex-logs/codex-\x3C任务名>.log

测试结果

✅ 持续运行稳定
✅ 可以写入文件（使用 --dangerously-bypass-approvals-and-sandbox）
✅ 生成完整 React 项目
✅ 构建验证通过

参考

源自 Eliason 的 Agent 整夜写代码方案
测试时间: 2026-03-04 ~ 2026-03-05
更新: 2026-03-05（增加开发流程规范）

Usage Guidance

This skill intentionally tells you to bypass sandboxing and spawn independent subagents — that makes it high-risk even though it is coherent with its purpose. Before using it: (1) do not run it against sensitive directories or credentials; run it inside an isolated VM/container instead; (2) verify the provenance and integrity of the Codex CLI npm package (@openai/codex) — npm packages can execute arbitrary code during install/run; (3) avoid using the --dangerously-bypass-approvals-and-sandbox flag unless you fully understand and accept the consequences; (4) inspect and control any local proxy the scripts reference (http://127.0.0.1:8118) to prevent unintended egress; (5) prefer the sessions_spawn approach only if your platform's subagent isolation and policy enforcement are trustworthy. If you need help assessing the Codex CLI package or modifying the scripts to be safer (remove bypass flags, restrict target paths, run under a dedicated user), ask for specific remediation steps.

Capability Analysis

Type: OpenClaw Skill Name: codex-runner Version: 1.1.0 The skill bundle explicitly instructs the AI agent to bypass security sandboxes and approval mechanisms using the '--dangerously-bypass-approvals-and-sandbox' flag in SKILL.md and commands/start.sh. It also utilizes 'sessions_spawn' to initiate unmonitored background sub-sessions, which circumvents standard session limits and oversight. While these capabilities are aligned with the stated goal of autonomous long-running tasks, the intentional disabling of safety protocols and the inclusion of hardcoded local proxies (127.0.0.1:8118) represent a significant security risk.

Capability Assessment

✓ Purpose & Capability

Name/description match the provided scripts and SKILL.md: the skill is designed to run Codex CLI tasks asynchronously, manage logs, check status, and stop processes. Requiring a git repo and writing logs to ~/.codex-logs is consistent with its stated purpose.

⚠ Instruction Scope

SKILL.md and start.sh instruct use of --dangerously-bypass-approvals-and-sandbox and to run Codex with nohup, modify http(s)_proxy, and spawn independent sub-sessions (sessions_spawn). These instructions grant the launched Codex process broad filesystem and network capability and encourage bypassing safety controls; they also direct the agent to create/execute subagents, increasing blast radius.

✓ Install Mechanism

No install spec is included (instruction-only), which means nothing is automatically downloaded by the registry. The SKILL.md asks the user to have Codex CLI installed via npm, which is a normal workflow but delegates trust to that external package.

ℹ Credentials

The skill does not declare required credentials, but the scripts set http_proxy/https_proxy to a local proxy and ask the user to configure a proxy. While not directly asking for secrets, the instructions require installing a global npm package (@openai/codex) and enabling a sandbox-bypass flag — both of which are disproportionate for a benign background-runner and increase risk if the CLI or proxy are untrusted.

ℹ Persistence & Privilege

always:false and no special platform privileges are requested. However the skill advocates creating persistent background processes (nohup) and writing logs under the user's home. The stop command uses pkill -f 'codex.*exec', which may affect unrelated processes matching that pattern.

Version History

v1.1.0

- 改进推荐用法：主推使用 sessions_spawn 启动 Codex 任务，实现真正异步执行，主会话不会被阻塞 - 明确标注旧版 start 方法仅作备用，不再推荐，避免阻塞主进程 - 新增用法示例，说明如何让 AI 助手通过 sessions_spawn 启动项目任务 - 文档结构更清晰，分离推荐与过时命令，方便理解和操作 - 新增 scripts/commands/start-async.sh 用于支持更好的异步启动

v1.0.1

**Summary:** Adds guidance for true后台异步执行与独立子会话支持，优化Codex长任务workflows。 - 明确 skill 启动为异步执行，主会话不会被阻塞 - 新增如何用 `background=true` 或 `sessions_spawn` 让 Codex 任务独立运行的说明 - 推荐 sessions_spawn 等独立子会话方式，防止主会话卡死 - 原有用法、开发流程和监控方式保持一致 - 文档显著提高兼容性和实操细节阐释

v1.0.0

codex-runner 1.0.0 initial release - Run Codex CLI coding tasks in the background, independent of OpenClaw session limits. - Provides commands to start, stop, check status, and view logs of background tasks. - Supports long-running projects or overnight coding without interruption. - Requires Codex CLI, proxy setup, and a git-initialized target directory. - Includes safety considerations for bypassing sandbox and development best practices templates.

Metadata

Slug codex-runner

Version 1.1.0

License —

All-time Installs 2

Active Installs 2

Total Versions 3

Frequently Asked Questions

What is codex-runner?

Use Codex CLI to run long-running coding tasks in the background with sandbox bypass, supporting git repos and automated test/build workflows. It is an AI Agent Skill for Claude Code / OpenClaw, with 415 downloads so far.

How do I install codex-runner?

Run "/install codex-runner" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is codex-runner free?

Yes, codex-runner is completely free (open-source). You can download, install and use it at no cost.

Which platforms does codex-runner support?

codex-runner is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created codex-runner?

It is built and maintained by tianyn1990 (@tianyn1990); the current version is v1.1.0.

More Skills

codex-runner