金色财经|Apr 23, 2026 03:50
[OpenAI Codex Team Fixes OpenClaw Authentication Vulnerability]
According to a report by Jinse Finance, the OpenAI Codex team is focusing on optimizing the experience of OpenAI models within OpenClaw. Codex engineering lead Tibo Sottiaux stated that the team is collaborating with OpenClaw creator Peter Steinberger and hinted at more updates coming next week.
Codex product lead Nik Pash identified a critical issue during debugging: when OpenClaw is configured to use the Codex harness with OpenAI models, the authentication process malfunctions, causing the system to silently fall back to the Pi harness. This led users to believe that the Codex harness was functioning properly when, in reality, it was not. Pash submitted two pull requests (PRs) to address the issue: one to fix the authentication bridge and another to prevent silent fallback.
The difference in agent behavior before and after the fix is significant. When using the Pi harness, the agent performs only shallow polling during each heartbeat: reading the heartbeat file, checking Discord, and returning HEARTBEAT_OK while ignoring other instructions. Occasionally, it deduces that an action needs to be taken but does not issue a tool call. After switching to the Codex harness, the agent enters a full work cycle: reading workspace context, parsing task lists, checking repositories, executing edits, and attempting validation. Subsequent heartbeats can then continue progress rather than repeating tasks. Pash noted that neither the agent's prompt nor the upper-level workflow logic was modified; the improvements stem entirely from switching the underlying runtime adapter (harness), meaning the way OpenClaw communicates with the model API has changed.
Share To
Timeline
HotFlash
APP
X
Telegram
CopyLink