Codex Switcher

Use this skill to manage multiple local Codex accounts on one OpenClaw host with a simple snapshot workflow.

Bundled executable:

• - INLINECODE0

What this skill is

This is a small local account manager for Codex on OpenClaw.

Core idea:

• - keep OpenClaw's active Codex slot as INLINECODE1
• store each account as a separate snapshot under INLINECODE2
• switch accounts by injecting snapshot credentials into INLINECODE3
• inspect account identity and quota from the active token itself
• refresh snapshot tokens before expiry

This avoids filling openclaw.json with a growing roster of Codex aliases.

Commands

cs list

Show all saved snapshots with:

• - alias
• decoded email
• remaining time before expiry

cs current

Show the real active account email, not just the internal profile id.

cs quota

Read the current active token and query remaining Codex usage quota.

cs switch <alias>

Switch to a saved account snapshot by updating only the active Codex credentials in:

• - INLINECODE9

After switching, show:

• - current active email
• current quota summary

cs add [alias]

Start a new OAuth login flow for a brand-new account.

Workflow:

1. 1. run cs add or INLINECODE12
2. sign in in browser
3. run INLINECODE13
4. if alias was omitted, derive it from the email automatically
5. create a new snapshot file for that account

cs refresh <alias>

Force-refresh one snapshot using its refresh token.

cs refresh-all

Scan every snapshot and automatically refresh only those expiring within 24 hours.

This is intended for cron usage.

Sensitive files

This skill touches high-sensitivity local auth material.
Main files involved:

• - INLINECODE16
• INLINECODE17
• INLINECODE18
• temporary pending OAuth state files under INLINECODE19

Treat all snapshot files as secrets.
Never expose full access tokens or refresh tokens in chat.

Safety rules

• - Do not run curl | bash installers.
• Do not fetch and execute third-party account-switch scripts blindly.
• Prefer local reviewed logic only.
• Back up auth material before risky operations.
• Validate alias names before writing files.
• Use atomic writes for snapshot and auth updates.
• Do not edit unrelated OpenClaw config unless truly required.
• Do not assume a snapshot alias is truthful; decode token email when verifying.

Recommended workflow

Add a new account

• - cs add or INLINECODE22
• finish browser login
• INLINECODE23
• INLINECODE24

Switch accounts

• - INLINECODE25
• verify output shows the expected email and quota

Keep snapshots fresh

Run cs refresh-all from cron once or twice per day.

References

• - For security concerns around third-party relogin installers, read references/security-notes.md.
• For local implementation notes, read scripts/README-local-flow.md.