← 返回 Skills 市场
242
总下载
0
收藏
0
当前安装
1
版本数
在 OpenClaw 中安装
/install codex-switcher
功能描述
Local OpenClaw skill for managing multiple OpenAI Codex accounts through auth snapshots. Use when the user wants to add a Codex account, switch between Codex...
使用说明 (SKILL.md)
Codex Switcher
Use this skill to manage multiple local Codex accounts on one OpenClaw host with a simple snapshot workflow.
Bundled executable:
scripts/cs.sh
What this skill is
This is a small local account manager for Codex on OpenClaw.
Core idea:
- keep OpenClaw's active Codex slot as
openai-codex:default - store each account as a separate snapshot under
~/.openclaw/auth-snapshots/ - switch accounts by injecting snapshot credentials into
~/.openclaw/agents/main/agent/auth-profiles.json - inspect account identity and quota from the active token itself
- refresh snapshot tokens before expiry
This avoids filling openclaw.json with a growing roster of Codex aliases.
Commands
cs list
Show all saved snapshots with:
- alias
- decoded email
- remaining time before expiry
cs current
Show the real active account email, not just the internal profile id.
cs quota
Read the current active token and query remaining Codex usage quota.
cs switch \x3Calias>
Switch to a saved account snapshot by updating only the active Codex credentials in:
~/.openclaw/agents/main/agent/auth-profiles.json
After switching, show:
- current active email
- current quota summary
cs add [alias]
Start a new OAuth login flow for a brand-new account.
Workflow:
- run
cs addorcs add \x3Calias> - sign in in browser
- run
cs add --apply '\x3Ccallback-url>' [alias] - if alias was omitted, derive it from the email automatically
- create a new snapshot file for that account
cs refresh \x3Calias>
Force-refresh one snapshot using its refresh token.
cs refresh-all
Scan every snapshot and automatically refresh only those expiring within 24 hours.
This is intended for cron usage.
Sensitive files
This skill touches high-sensitivity local auth material. Main files involved:
~/.openclaw/agents/main/agent/auth-profiles.json~/.openclaw/auth-snapshots/*.json~/.openclaw/auth-snapshots/backups/*- temporary pending OAuth state files under
~/.openclaw/
Treat all snapshot files as secrets. Never expose full access tokens or refresh tokens in chat.
Safety rules
- Do not run
curl | bashinstallers. - Do not fetch and execute third-party account-switch scripts blindly.
- Prefer local reviewed logic only.
- Back up auth material before risky operations.
- Validate alias names before writing files.
- Use atomic writes for snapshot and auth updates.
- Do not edit unrelated OpenClaw config unless truly required.
- Do not assume a snapshot alias is truthful; decode token email when verifying.
Recommended workflow
Add a new account
cs addorcs add \x3Calias>- finish browser login
cs add --apply '\x3Ccallback-url>' [alias]cs list
Switch accounts
cs switch \x3Calias>- verify output shows the expected email and quota
Keep snapshots fresh
Run cs refresh-all from cron once or twice per day.
References
- For security concerns around third-party relogin installers, read
references/security-notes.md. - For local implementation notes, read
scripts/README-local-flow.md.
安全使用建议
This tool is coherent with its stated purpose but operates on high-sensitivity auth material. Before installing or running: 1) Review the bundled scripts (scripts/cs.sh) yourself — it will write access and refresh tokens to ~/.openclaw/auth-snapshots/*.json and update auth-profiles.json. 2) Consider supplying your own OAuth client (set CS_OAUTH_CLIENT_ID) instead of the embedded default client_id if you want tokens tied to your application. 3) Ensure Python3 and the requests library are available (the script uses embedded Python code and requests for network calls). 4) Back up ~/.openclaw/agents/main/agent/auth-profiles.json before use and keep snapshot files restricted (permissions). 5) Be cautious about enabling automated cron refresh: it will use stored refresh tokens to obtain new access tokens. If you want stronger assurance, run the script manually and inspect the callback/token exchange steps during the first account add.
功能分析
Type: OpenClaw Skill
Name: codex-switcher
Version: 1.0.0
The codex-switcher skill is a utility for managing multiple OpenAI Codex accounts locally by swapping authentication snapshots. The implementation in scripts/cs.sh uses standard OAuth 2.0 PKCE flows, communicates exclusively with official OpenAI endpoints (auth.openai.com and chatgpt.com), and includes security-conscious practices such as atomic file writes, local backups of sensitive configuration files, and explicit warnings against executing untrusted remote code. No evidence of data exfiltration, malicious persistence, or harmful prompt injection was found.
能力评估
Purpose & Capability
The name/description (Codex multi-account snapshot manager) matches what the script does: create/manage snapshots under ~/.openclaw/auth-snapshots, inject the chosen snapshot into ~/.openclaw/agents/main/agent/auth-profiles.json, and refresh tokens via OpenAI OAuth endpoints. No unrelated services, credentials or system components are requested.
Instruction Scope
SKILL.md and scripts instruct only local file operations (reading/writing snapshots, backing up auth-profiles.json) and legitimate OAuth/token operations against auth.openai.com. The scripts accept a callback URL from the user and exchange codes for tokens. Note: the code performs network calls (token exchange, quota checks) and will write tokens/refresh tokens to local snapshot files; SKILL.md warns these are secrets, but users must ensure they review and protect these files.
Install Mechanism
No install spec or remote downloads are present. The skill is instruction-only with a bundled local script; nothing is fetched from external URLs by an installer. This is lower risk than downloading/executing remote archives.
Credentials
The skill requires no special environment variables by default. It does include optional CS_* environment overrides (client id, authorize/token URLs, redirect, scope, originator) and uses OPENCLAW_STATE_DIR. The presence of a hard-coded default CLIENT_ID (app_EMoamEEZ73f0CkXaXp7hrann) and ORIGINATOR may be surprising; they are overridable via env vars. No unrelated credentials are demanded.
Persistence & Privilege
The skill is not set to always:true and does not request elevated system-wide privileges. It writes only into the OpenClaw state directory (by default ~/.openclaw) which is consistent with its purpose. The refresh-all mode is intended for cron use — users should consider the implications of storing long-lived refresh tokens locally if automating.
如何使用
- 确保已安装 OpenClaw(本地或 Docker 部署)
- 在对话框中输入安装命令:
/install codex-switcher - 安装完成后,直接呼叫该 Skill 的名称或使用
/codex-switcher触发 - 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release.
- Add local Codex multi-account snapshot workflow
- Support add / switch / current / list / quota
- Support refresh and refresh-all for expiring snapshots
- Use minimal auth snapshot storage
- Avoid bloating openclaw.json with account roster entries
初始版本发布。
- 支持本地 Codex 多账号快照管理
- 支持 add / switch / current / list / quota
- 支持 refresh / refresh-all
- 使用最小化快照存储凭据
- 不依赖在 openclaw.json 中维护账号花名册
元数据
常见问题
Codex Switcher 是什么?
Local OpenClaw skill for managing multiple OpenAI Codex accounts through auth snapshots. Use when the user wants to add a Codex account, switch between Codex... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 242 次。
如何安装 Codex Switcher?
在 OpenClaw 或 Claude Code 对话框中运行命令「/install codex-switcher」即可一键安装,无需额外配置。
Codex Switcher 是免费的吗?
是的,Codex Switcher 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。
Codex Switcher 支持哪些平台?
Codex Switcher 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。
谁开发了 Codex Switcher?
由 ppaibb(@ppaibb)开发并维护,当前版本 v1.0.0。
推荐 Skills