OpenAI Codex team fixes OpenClaw authentication vulnerability, significantly improving OpenAI model Agent behavior

According to Beating Monitoring, the OpenAI Codex team is focusing on optimizing the experience of OpenAI models within OpenClaw.

Codex project lead Tibo Sottiaux stated that the team is collaborating with OpenClaw creator Peter Steinberger and that more progress will be announced next week.

Product lead Nik Pash discovered a critical issue during debugging: when configuring OpenClaw to use the Codex harness with OpenAI models, the authentication process fails silently, causing the system to fallback to the Pi harness without notice, leading users to believe that the Codex harness is functioning normally when it is not.

Pash submitted two pull requests to fix this: one to repair the authentication bridging, and another to prevent silent fallback.

The behavior of the agent before and after the fix differs significantly.

When using the Pi harness, the agent performs only shallow polling on each heartbeat: reading the heartbeat file, checking Discord, returning HEARTBEAT_OK, ignoring other commands, sometimes inferring actions but not issuing tool calls.

After switching to the Codex harness, the agent enters a full work cycle: reading workspace context, parsing task lists, checking repositories, executing edits, attempting validation, and subsequent heartbeats can reflect progress rather than repeating work.

Pash stated that the agent’s prompt and upper-layer workflow logic remained unchanged; the improvement entirely comes from switching the underlying runtime adapter (harness), meaning the way OpenClaw communicates with the model API has changed.