Total downloads: 418
Favorites: 0
Current installs: 0
Versions: 11
Install in OpenClaw
/install worktree-codex
Description
Isolates multiple Codex instances in separate git worktrees, with the OpenClaw master controller scheduling them in parallel to complete different coding modules of the same project. Use case: split one coding project into independent subtasks, let multiple Codex instances implement them in parallel, then merge the PRs. Trigger conditions: the user asks for "multiple Codex collaborating", "parallel coding", "worktree coding", "multi…
Safe usage recommendations
This skill appears to implement parallel worktrees correctly, but it reads and uses secrets that it does not declare and posts log data to an external service. Before installing or running it:
- Treat the dashboard and scripts as code that will run on your machine: review them, and modify them if you do not want automatic network calls.
- Do not run dashboard.py or orchestrate.sh unless you accept that ~/.openclaw/openclaw.json may be read; better, supply the GH token and any API keys via environment variables instead of relying on that file.
- The dashboard's ai_analyze_async reads OPENROUTER_API_KEY from your OpenClaw config and sends log tails (which may include code or other content) to openrouter.ai. If sensitive code or secrets appear in the logs, they can leak. Remove or sandbox that feature, or require an explicit opt-in and an explicit environment variable for the analysis key.
- The skill suggests flags such as --dangerously-skip-permissions / --dangerously-bypass-approvals-and-sandbox; these disable host protections and increase risk. Avoid them unless you fully understand the implications.
- Confirm that the base URL (http://152.53.52.170:3003/v1) and any other hardcoded IPs are intended and trustworthy: they point to a self-hosted proxy and could route model requests out of your environment.
If you still want to use this skill, require the owner to (1) declare the required env vars in the metadata, (2) stop reading ~/.openclaw/openclaw.json automatically and use explicit env vars instead, and (3) make external AI analysis optional, gated behind an explicit, purposeful opt-in.
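The checks above can be run mechanically before installation. The following is an added example, not code from the skill or from OpenClaw: a small pre-install audit that scans the text files of a skill bundle for the indicators the review names (reads of ~/.openclaw/openclaw.json, references to undeclared env vars and secrets, the --dangerously-* flags, git commit --no-verify, calls to openrouter.ai, and hardcoded IP endpoints) and compares referenced env vars with what the registry metadata declares. The bundle contents are constructed to resemble those findings and are not the skill's real files; the regexes and the verdict thresholds are this example's assumptions.

```python
"""Pre-install audit for an OpenClaw skill bundle (added example, not the skill's own code)."""
import re
from typing import Dict, List, Set

# Env vars and secrets the review says the skill relies on without declaring them.
ENV_VARS = re.compile(r"\b(OPENROUTER_API_KEY|OPENAI_API_KEY|GH_TOKEN|CODEX_BIN|CLAUDE_BIN)\b")

# Risk indicators taken from the review; the regexes are assumptions about how they appear in text.
INDICATORS = {
    "reads platform config ~/.openclaw/openclaw.json": re.compile(r"\.openclaw/openclaw\.json"),
    "references env var or secret": ENV_VARS,
    "sandbox or approval bypass flag": re.compile(
        r"--dangerously-(?:skip-permissions|bypass-approvals-and-sandbox)"),
    "git hooks bypassed": re.compile(r"\bgit\s+commit\b[^\n]*--no-verify"),
    "outbound call to third-party AI API": re.compile(r"\bopenrouter\.ai\b"),
    "hardcoded IP endpoint": re.compile(r"https?://\d{1,3}(?:\.\d{1,3}){3}(?::\d+)?"),
}
HIGH_RISK = {
    "reads platform config ~/.openclaw/openclaw.json",
    "sandbox or approval bypass flag",
    "outbound call to third-party AI API",
    "hardcoded IP endpoint",
}


def scan_text(filename: str, text: str) -> List[dict]:
    """Return one finding per (line, indicator) hit, with the matched text for review."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for label, pattern in INDICATORS.items():
            hit = pattern.search(line)
            if hit:
                findings.append({"file": filename, "line": lineno,
                                 "finding": label, "match": hit.group(0)})
    return findings


def audit_bundle(files: Dict[str, str], declared_env: Set[str]) -> dict:
    """Scan every file and diff the env vars it references against the declared ones."""
    findings: List[dict] = []
    referenced: Set[str] = set()
    for name, text in files.items():
        findings.extend(scan_text(name, text))
        referenced.update(ENV_VARS.findall(text))
    undeclared = sorted(referenced - declared_env)
    high = [f for f in findings if f["finding"] in HIGH_RISK]
    # Verdict thresholds are an assumption of this example, not a registry rule.
    verdict = "suspicious" if high else ("review" if findings or undeclared else "clean")
    return {"findings": findings, "undeclared_env": undeclared, "verdict": verdict}


# Constructed sample bundle mimicking the behaviours the review describes (not the real files).
SAMPLE_BUNDLE = {
    "SKILL.md": (
        "Launch each worker with --dangerously-bypass-approvals-and-sandbox.\n"
        "The GitHub token is read from ~/.openclaw/openclaw.json.\n"
    ),
    "orchestrate.sh": (
        "export OPENAI_API_KEY\n"
        "CODEX_BIN=${CODEX_BIN:-codex}\n"
        "BASE_URL=http://152.53.52.170:3003/v1\n"
        "git commit --no-verify -m 'wip'\n"
    ),
    "dashboard.py": (
        "cfg = json.load(open(os.path.expanduser('~/.openclaw/openclaw.json')))\n"
        "key = cfg.get('OPENROUTER_API_KEY')\n"
        "requests.post('https://openrouter.ai/api/v1/chat/completions', json=payload)\n"
    ),
}

if __name__ == "__main__":
    # The page says the registry metadata declares no required env vars, hence the empty set.
    report = audit_bundle(SAMPLE_BUNDLE, declared_env=set())
    print("verdict:", report["verdict"])
    print("undeclared env vars:", report["undeclared_env"])
    for f in report["findings"]:
        print(f"{f['file']}:{f['line']}: {f['finding']} ({f['match']})")
```

Run it against the unpacked skill directory by loading each file into the dict; anything in `undeclared_env` is something the metadata should have listed, and a `suspicious` verdict means at least one of the high-risk behaviours from the review is present and needs a manual look before the skill runs.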
Feature analysis
Type: OpenClaw Skill
Name: worktree-codex
Version: 1.1.4
The skill is classified as suspicious because of several high-risk behaviors. The `dashboard.py` script sends detailed operational logs (including executed shell commands) to `openrouter.ai` for 'smart analysis', so internal data leaves the machine for a third-party service. `dashboard.py` also contains a local file read vulnerability in its `/reload` and `/register` endpoints: a malicious agent or attacker who supplies crafted log paths can read arbitrary file contents. Additionally, `SKILL.md` and `orchestrate.sh` instruct the agent to use flags such as `--dangerously-bypass-approvals-and-sandbox` and `git commit --no-verify`, which bypass security mechanisms and increase the risk of unintended actions or exploitation.
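The page does not show the `/reload` and `/register` handlers themselves, so the following is an added example of the standard mitigation rather than the dashboard's code: any log path received from a client is resolved against a fixed log directory, symlinks are followed before the containment check (so a link dropped inside the directory cannot point outside it), and only regular `.log` files are tailed. The directory layout, the `.log` suffix rule, and the `self_check` fixture are constructed for this example.

```python
"""Safe log-path handling for a local dashboard endpoint (added example, not dashboard.py's code)."""
import os
import tempfile
from pathlib import Path


class UnsafeLogPath(ValueError):
    """Raised when a client-supplied path must not be served."""


def resolve_log_path(requested: str, log_root: Path) -> Path:
    """Map a client-supplied path to a regular file that provably lives inside log_root.

    The containment check runs on the fully resolved path, not on the string the
    client sent, so '../', absolute paths and symlink escapes are all caught.
    """
    root = log_root.resolve(strict=True)
    candidate = (root / requested).resolve(strict=False)  # an absolute 'requested' wins here
    if candidate != root and root not in candidate.parents:
        raise UnsafeLogPath(f"{requested!r} escapes {root}")
    if candidate == root or not candidate.is_file():
        raise UnsafeLogPath(f"{requested!r} is not a regular log file")
    if candidate.suffix != ".log":  # assumption of this example: logs always end in .log
        raise UnsafeLogPath(f"{requested!r} does not look like a log file")
    return candidate


def tail_log(requested: str, log_root: Path, max_bytes: int = 64 * 1024) -> str:
    """Return at most max_bytes from the end of a validated log file."""
    path = resolve_log_path(requested, log_root)
    with path.open("rb") as fh:
        fh.seek(0, os.SEEK_END)
        size = fh.tell()
        fh.seek(max(0, size - max_bytes))
        return fh.read().decode("utf-8", errors="replace")


def self_check() -> dict:
    """Build a constructed log tree in a temp dir and record which requests are served."""
    results = {"allowed": [], "rejected": [], "tail": ""}
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "logs"
        root.mkdir()
        (root / "task-a.log").write_text("build ok\nTOKEN=redacted\n")
        outside = Path(tmp) / "outside.txt"  # a file the endpoint must never serve
        outside.write_text("not a log")
        requests = ["task-a.log", "../outside.txt", str(outside), ".", "missing.log"]
        try:
            (root / "link.log").symlink_to(outside)  # symlink escape attempt
            requests.append("link.log")
        except OSError:
            pass  # symlinks unavailable on this filesystem; skip that case
        for req in requests:
            try:
                results["tail"] = tail_log(req, root)
                results["allowed"].append(req)
            except UnsafeLogPath:
                results["rejected"].append(req)
    return results


if __name__ == "__main__":
    print(self_check())
```

The decisive detail is resolving before comparing: checking `".." not in requested` or comparing string prefixes still lets a symlink inside the log directory read any file the dashboard's user can open.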
Capability assessment
Purpose & Capability
The skill's purpose (orchestrating multiple Codex agents using git worktrees) is coherent with the included scripts (setup_worktrees.sh, orchestrate.sh, push_and_pr.sh). However, the SKILL metadata claims no required env/config paths, while the instructions and code rely on several external binaries and secrets (OPENAI_API_KEY, CODEX_BIN, CLAUDE_BIN path, GH token). The skill does not declare these requirements in the registry metadata, which is inconsistent and will surprise users.
Instruction Scope
SKILL.md and the scripts instruct the agent to read ~/.openclaw/openclaw.json for a GitHub token and to run Codex/Claude binaries with flags that can bypass sandboxing. Additionally, the dashboard's AI analysis thread (ai_analyze_async) reads the same ~/.openclaw file to extract OPENROUTER_API_KEY and posts log summaries to an external API (openrouter.ai). Those actions (reading a global OpenClaw config and transmitting log tails to a third-party) are outside the narrow 'worktree orchestration' description and are not declared.
Install Mechanism
No install spec is provided (instruction-only with bundled scripts and a dashboard). That minimizes installation-time risk because the skill does not fetch remote archives or run an installer. The risk is runtime behavior of the included scripts rather than an install-time downloader.
Credentials
The code accesses multiple credentials and config locations that are not declared: it expects OPENAI_API_KEY, CODEX_BIN and optionally CLAUDE_BIN, and reads GH_TOKEN from ~/.openclaw/openclaw.json; the dashboard also extracts OPENROUTER_API_KEY from the same file. Reading another skill's or the platform's config file (~/.openclaw/openclaw.json) to obtain API keys is disproportionate and can lead to cross-skill secret access and exfiltration.
Persistence & Privilege
The skill does not set always:true and does not appear to persistently modify other skills, but it explicitly reads a platform/local config (~/.openclaw/openclaw.json) and extracts keys from it. Accessing and using other skills' config and credentials increases privilege and blast radius even though the skill itself is not permanently installed as always:true.
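The Instruction Scope and Credentials points above, together with the opt-in recommendation in the safe-usage section, describe how the log-analysis feature should have been built: keys come only from explicit environment variables, the feature is off unless the user opts in, and whatever does leave the machine is scrubbed first. The following added example (not the skill's code) shows one such design. The opt-in variable name WORKTREE_CODEX_AI_ANALYSIS is hypothetical, the redaction patterns are this example's assumptions about common key formats, the log lines are constructed, and the 150-character tail matches the limit mentioned in the v1.1.4 changelog. The network call itself is omitted; the function returns the payload that would be sent.

```python
"""Opt-in gate and log redaction for external AI analysis (added example, not the skill's code)."""
import re
from typing import Mapping, Optional

OPT_IN_VAR = "WORKTREE_CODEX_AI_ANALYSIS"  # hypothetical name for this example
KEY_VAR = "OPENROUTER_API_KEY"               # read from the environment only, never from a config file
REDACTED = "[REDACTED]"

# Assumed key formats: value-only patterns first, then a generic key=value / key: value sweep.
SECRET_PATTERNS = [
    (re.compile(r"\bsk-[A-Za-z0-9_-]{16,}"), REDACTED),                  # OpenAI/OpenRouter-style keys
    (re.compile(r"\bgh[pousr]_[A-Za-z0-9]{20,}"), REDACTED),              # GitHub tokens
    (re.compile(r"(?i)\bbearer\s+[A-Za-z0-9._~+/=-]{16,}"), "Bearer " + REDACTED),
    (re.compile(r"(?i)\b(\w*(?:key|token|secret|password)\w*)\s*[=:]\s*\S+"), r"\1=" + REDACTED),
]


def redact(text: str) -> str:
    """Replace anything that looks like a credential before the text leaves the machine."""
    for pattern, replacement in SECRET_PATTERNS:
        text = pattern.sub(replacement, text)
    return text


def analysis_config(env: Mapping[str, str]) -> Optional[dict]:
    """Return analysis settings only when the user explicitly opted in via the environment."""
    if env.get(OPT_IN_VAR, "").strip().lower() not in {"1", "true", "yes"}:
        return None  # default: feature off, no key lookup, nothing sent anywhere
    key = env.get(KEY_VAR)
    if not key:
        # Fail loudly rather than silently falling back to ~/.openclaw/openclaw.json.
        raise RuntimeError(f"{OPT_IN_VAR} is set but {KEY_VAR} is not in the environment")
    return {"api_key": key}


def prepare_analysis_request(log_text: str, env: Mapping[str, str],
                             tail_chars: int = 150) -> Optional[dict]:
    """Build the payload an analysis call would send, or None if the feature is off."""
    cfg = analysis_config(env)
    if cfg is None:
        return None
    # Redact first, then truncate, so a key cut in half by the tail cannot slip through.
    tail = redact(log_text)[-tail_chars:]
    return {"api_key": cfg["api_key"], "log_tail": tail}


# Constructed log lines resembling what an orchestrator might capture (not real output).
SAMPLE_LOG = (
    "[codex] git worktree add ../wt-task-a feature/task-a\n"
    "[codex] export OPENAI_API_KEY=sk-live-abcdefghijklmnopqrstuvwxyz0123\n"
    "[codex] curl -H 'Authorization: Bearer ghp_ABCDEFGHIJKLMNOPQRSTUVWXYZ012345' https://api.github.com/user\n"
    "[codex] tests passed: 12, failed: 0\n"
)

if __name__ == "__main__":
    print("opted out ->", prepare_analysis_request(SAMPLE_LOG, {}))
    env = {OPT_IN_VAR: "1", KEY_VAR: "example-key"}
    print("opted in  ->", prepare_analysis_request(SAMPLE_LOG, env)["log_tail"])
```

Redaction is a backstop, not a guarantee: the patterns only catch formats they know about, which is why the gate defaults to off and the owner is asked to make the feature opt-in in the first place.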
How to use
- Make sure OpenClaw is installed (locally or via Docker)
- Enter the install command in the chat box: /install worktree-codex
- After installation, call the Skill by name directly or trigger it with /worktree-codex
- Provide the required inputs as described in the Skill's parameter documentation to get structured output
Version history
v1.1.4
fix: AI analysis returned an empty result when the input was too long; log tail compressed to 150 characters
v1.1.3
fix: orchestrate.sh now exports PATH, fixing "python: command not found" in Codex subprocesses
v1.1.2
feat: SSE heartbeat with a 15s ping plus 35s front-end timeout detection, eliminating false "alive" status
v1.1.1
fix: AI analysis NoneType.strip() crash; added defensive handling and raw-response debugging
v1.1.0
dashboard v1.1: Gantt timeline, click to expand the full log, serial vs. parallel time saved, turn/retry/tokens-per-line metrics, step-3.5-flash reads the log tail for code-quality analysis
v1.0.5
feat: cards show elapsed time / diff stat / token breakdown; AI prompt gains a system constraint to reduce filler
v1.0.4
fix: bug where the dashboard showed only one card when multiple agents ran in parallel (/reload overwrite changed to /register append)
v1.0.3
feat: dashboard task lifecycle bound to active/idle/reload; the page stays valid after a task ends and is activated automatically on the next task
v1.0.2
feat: real-time dashboard dashboard.py: rule-based status parsing, token metering, and step-3.5-flash smart analysis (degrades gracefully offline)
v1.0.1
fix: fixed 6 pitfalls (SIGPIPE / sandbox / branch-name collision / dead code / token leak / PR line breaks); clarified that only gpt-5.3-codex is supported and removed the ineffective openrouter/deepseek routing
v1.0.0
Initial publish: multi-Codex parallel coding via git worktree, WSL2/proxy-ready
FAQ
What is Worktree Codex Parallel?
It isolates multiple Codex instances in separate git worktrees, with the OpenClaw master controller scheduling them in parallel to complete different coding modules of the same project. Use case: split one coding project into independent subtasks, let multiple Codex instances implement them in parallel, then merge the PRs. Trigger conditions: the user asks for "multiple Codex collaborating", "parallel coding", "worktree coding", "multi… It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 418 downloads to date.
How do I install Worktree Codex Parallel?
Run the command "/install worktree-codex" in the OpenClaw or Claude Code chat box for one-click installation; no extra configuration is required.
Is Worktree Codex Parallel free?
Yes, Worktree Codex Parallel is completely free (open source) and can be freely downloaded, installed and used.
Which platforms does Worktree Codex Parallel support?
Worktree Codex Parallel is cross-platform and runs in any environment where OpenClaw / Claude Code is deployed.
Who developed Worktree Codex Parallel?
Developed and maintained by jiao yang (@inuyashayang); current version v1.1.4.