← 返回 Skills 市场
Codex Agentic Gateway
作者
Neal O'Grady
· GitHub ↗
· v1.0.0
· MIT-0
115
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install codex-gateway
功能描述
Use when the user wants to query the Codex Supergraph and the server returns a 402 challenge. Pays per query via the MPP 402 challenge flow. Only supports qu...
使用说明 (SKILL.md)
Codex Machine Payment Protocol (MPP)
Use this skill when the Codex Supergraph returns a 402 Payment Required response. The MPP challenge flow lets you pay per query without needing an API key.
| HTTP endpoint | https://graph.codex.io/graphql |
| Credential header | Authorization: Payment \x3Cbase64url-credential> |
How it works
- Send a GraphQL query (no credential).
- Server returns
402 Payment RequiredwithWWW-Authenticate: Payment ...challenges. - Client solves one challenge and retries with
Authorization: Payment \x3Ccredential>. - Server returns GraphQL data +
Payment-Receiptheader.
Constraints
- Query only. Mutations and subscriptions return
403in MPP mode. - If a valid API key or bearer token is also present, API auth takes precedence.
Rules
- Never print raw credentials.
- Only use MPP for
queryoperations. - Before constructing any query, read
references/query-templates.mdbelow for the correct GraphQL schema. Do not guess query or field names.
References
| File | Purpose |
|---|---|
| ../codex-supergraph/references/query-templates.md | GraphQL query schema and examples — read before constructing queries |
| ../codex-supergraph/references/gotchas.md | Common query failure points |
| references/gotchas.md | MPP-specific failure points |
| rules/wallets.md | Wallet setup: tempo wallet/request (Tempo) |
| references/mpp-flow.md | Auth matrix, challenge details, error codes |
安全使用建议
This skill appears to do what it says (handle Codex 402 payment challenges), but take these precautions before installing or using it:
- Do not blindly run curl ... | bash. Inspect the installer script at https://tempo.xyz/install first or prefer installing Tempo from a trusted package source or OS package manager.
- The SKILL metadata did not list the Tempo CLI as a required binary even though the docs depend on it — ensure you have a trusted Tempo binary before relying on the skill.
- Understand that using the skill will require funding a wallet (real USDC on Tempo) and performing payments on behalf of queries. Confirm cost and limits with the service.
- Verify the external reference files (especially ../codex-supergraph/references/query-templates.md) exist and match the GraphQL schema before constructing queries — the skill explicitly warns not to guess field names.
- If you are not comfortable auditing the tempo installer or giving a CLI permission to sign transactions, do not install or run it. Consider requesting an implementation that uses a vetted package or an alternative payment flow.
If you want, provide the actual installer script URL contents (or the full tempo installer) and I can help inspect it for obvious issues; that would raise confidence in the assessment.
能力评估
Purpose & Capability
The skill is described as an MPP (402) gateway for GraphQL queries and the instructions consistently focus on that flow. However, SKILL metadata lists no required binaries while the instructions rely on the Tempo CLI for Tempo-chain challenges — a missing declared dependency (incoherence).
Instruction Scope
Instructions stay within the stated purpose (construct query, handle 402, use Tempo to sign/pay). They tell the agent to run tempo wallet/login/whoami/request which are appropriate for the flow. Two caveats: (1) they instruct reading an external reference at ../codex-supergraph/references/query-templates.md (outside the packaged files) — if that file is not present the guidance may be incomplete; (2) the skill implicitly expects the user to fund a wallet and perform on-chain payments (expected for MPP but operationally significant).
Install Mechanism
The docs recommend installing Tempo with curl -fsSL https://tempo.xyz/install | bash. Piping a remote script to bash is high-risk because it executes code fetched from a remote host; the domain is not a standard audited package host (e.g., GitHub releases, official distro repos). This is the largest security concern.
Credentials
The skill declares no environment variables or credentials and the instructions do not request unrelated secrets. Wallet access and funding are required by design for MPP, and the skill explicitly warns not to print private keys.
Persistence & Privilege
The skill does not request persistent presence (always:false) and contains no instructions to modify other skills or system-wide agent settings. It doesn't require elevated privileges in the SKILL.md.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install codex-gateway - 安装完成后,直接呼叫该 Skill 的名称或使用
/codex-gateway触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
codex-gateway 1.0.0
- Initial release enables pay-per-query access to the Codex Supergraph via MPP 402 challenge flow.
- Supports GraphQL queries only; mutations and subscriptions are not available through this skill.
- No API key required—payment credentials are handled per request.
- Consult provided query templates and reference guides before constructing queries.
- Includes documentation on endpoints, headers, authentication flow, and usage constraints.
元数据
常见问题
Codex Agentic Gateway 是什么?
Use when the user wants to query the Codex Supergraph and the server returns a 402 challenge. Pays per query via the MPP 402 challenge flow. Only supports qu... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 115 次。
如何安装 Codex Agentic Gateway?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install codex-gateway」即可一键安装,无需额外配置。
Codex Agentic Gateway 是免费的吗?
是的,Codex Agentic Gateway 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Codex Agentic Gateway 支持哪些平台?
Codex Agentic Gateway 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Codex Agentic Gateway?
由 Neal O'Grady(@nealo)开发并维护,当前版本 v1.0.0。
推荐 Skills