codex
Use when the user asks to run Codex CLI (codex exec, codex resume) or references OpenAI Codex for code analysis, refactoring, or automated editing
git clone --depth 1 https://github.com/majiayu000/spellbook /tmp/codex && cp -r /tmp/codex/skills/codex ~/.claude/skills/codex
SKILL.md
# Codex Skill Guide

## Running a Task

1. Ask the user (via `AskUserQuestion`) which model to run (`gpt-5.2-codex` or `gpt-5.2`) AND which reasoning effort to use (`xhigh`, `high`, `medium`, or `low`) in a **single prompt with two questions**.
2. Select the sandbox mode required for the task; default to `--sandbox read-only` unless edits or network access are necessary.
3. Run `codex --version` first. Stop and report the failure if Codex is unavailable.
4. Assemble the command with the appropriate options:
   - `-m, --model <MODEL>`
   - `--config model_reasoning_effort="<xhigh|high|medium|low>"`
   - `--sandbox <read-only|workspace-write|danger-full-access>`; some Codex CLI versions also support `workspace-read-network-write`
   - `-C, --cd <DIR>`
   - `--add-dir <DIR>`
   - `--skip-git-repo-check`
   - `--dangerously-bypass-approvals-and-sandbox`
5. Do not use `--skip-git-repo-check` by default. Use it only when the user explicitly asks to run outside a Git repository or has approved that boundary bypass for this command.
6. When continuing a previous session, use `codex exec resume --last` via stdin. Do not add model, reasoning, or sandbox flags on resume unless the user explicitly requests an override.
7. **IMPORTANT**: By default, append `2>/dev/null` to `codex exec` commands to suppress thinking tokens (stderr). Only show stderr if the user explicitly requests it or if debugging is needed.
8. Run the command, capture stdout/stderr (filtered as appropriate), and summarize the outcome for the user.
9. **After Codex completes**, inform the user: "You can resume this Codex session at any time by saying 'codex resume' or asking me to continue with additional analysis or changes."

### Safe Prompt Passing

Do not build Codex commands with `echo "user prompt" | ...`; user text can contain quotes, substitutions, or newlines. Prefer a quoted heredoc so the shell never reinterprets prompt contents:

```bash
codex exec resume --last 2>/dev/null <<'EOF'
Your follow-up prompt goes here.
EOF
```

### Quick Reference

| Use case | Sandbox mode | Key flags |
| --- | --- | --- |
| Read-only review or analysis | `read-only` | `--sandbox read-only 2>/dev/null` |
| Apply local edits | `workspace-write` | `--sandbox workspace-write 2>/dev/null` |
| Apply edits that need network access | `workspace-read-network-write` only when `codex exec --help` lists it | Prefer this before considering full access |
| Permit extra write scope | Prefer `--add-dir` | Ask before adding extra writable directories |
| Permit broad file access | `danger-full-access` only after approval | Ask before adding `--sandbox danger-full-access` |
| Resume recent session | Inherited from original | `codex exec resume --last 2>/dev/null <<'EOF'` + prompt + `EOF` |
| Run from another directory | Match task needs | `-C <DIR>` plus other flags `2>/dev/null` |

## Following Up

- After every `codex` command, immediately use `AskUserQuestion` to confirm next steps, collect clarifications, or decide whether to resume with `codex exec resume --last`.
- When resuming, pass the new prompt through stdin using a quoted heredoc. The resumed session automatically uses the same model, reasoning effort, and sandbox mode from the original session.
- Restate the chosen model, reasoning effort, and sandbox mode when proposing follow-up actions.

## Error Handling

- Stop and report failures whenever `codex --version` or a `codex exec` command exits non-zero; request direction before retrying.
- Before you use high-impact flags (`--sandbox danger-full-access`, `--dangerously-bypass-approvals-and-sandbox`, `--dangerously-bypass-hook-trust`, `--skip-git-repo-check`) ask the user for permission using `AskUserQuestion` unless it was already given.
- When output includes warnings or partial results, summarize them and ask how to adjust using `AskUserQuestion`.

## Gotchas

- `--skip-git-repo-check` bypasses an important cwd/worktree guard. Treat it like a boundary exception, not a default.
- `danger-full-access` and the `--dangerously-*` bypass flags are high-impact modes. Prefer `read-only`, then `workspace-write`, then `workspace-read-network-write` only when network is required and supported, then specific `--add-dir` grants before considering full access.
- If a prompt came from the user or another model, pass it as stdin or as a single already-quoted CLI argument. Never interpolate it into a shell string.
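
A wrapper that applies two rules from this guide together: high-impact flags are refused unless approval was already given, and the prompt reaches Codex only on stdin. This is an added example, not part of the original skill; the function names `high_impact_args` and `codex_exec_guarded` and the `approved`/`pending` tokens are hypothetical.

```bash
#!/usr/bin/env bash
# Added example (not from the original skill): approval gate plus stdin-only prompts.

# Print every argument that selects a high-impact mode named in the guide.
# Matching is deliberately broad: any --dangerously-* flag, --skip-git-repo-check,
# and any argument that mentions danger-full-access, however it is spelled.
high_impact_args() {
  local arg
  for arg in "$@"; do
    case "$arg" in
      --dangerously-*|--skip-git-repo-check|*danger-full-access*)
        printf '%s\n' "$arg" ;;
    esac
  done
}

# Usage: codex_exec_guarded <approved|pending> [codex exec flags...] < prompt
# The prompt is whatever arrives on stdin; it is never placed in a shell string.
codex_exec_guarded() {
  local approval="$1" risky
  shift
  risky=$(high_impact_args "$@")
  if [ -n "$risky" ] && [ "$approval" != approved ]; then
    printf 'approval required before using: %s\n' \
      "$(printf '%s' "$risky" | tr '\n' ' ')" >&2
    return 2
  fi
  # stderr is dropped by default, as the guide recommends for codex exec.
  codex exec "$@" 2>/dev/null
}

# Example calls (commented out so the file can be sourced without running Codex):
#   printf '%s' "$untrusted_prompt" | codex_exec_guarded pending --sandbox read-only
#   codex_exec_guarded approved --sandbox danger-full-access <<'EOF'
#   Prompt text with "quotes", $(substitutions) and `backticks` stays literal.
#   EOF
```

A return status of 2 means the caller should ask the user for permission and retry with `approved` only after consent.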