OpenAI - Codex Docs Changes

agent-approvals-security.md +12 −4

Details

10 10

11For a high-level explanation of how sandboxing works across the Codex app, IDE11For a high-level explanation of how sandboxing works across the Codex app, IDE

12extension, and CLI, see [Sandboxing](https://developers.openai.com/codex/concepts/sandboxing).12extension, and CLI, see [Sandboxing](https://developers.openai.com/codex/concepts/sandboxing).

13For a broader enterprise security overview, see the [Codex security white paper](https://trust.openai.com/?itemUid=382f924d-54f3-43a8-a9df-c39e6c959958&source=click).

13 14

14## Sandbox and approvals15## Sandbox and approvals

15 16

80 81

81If you need Codex to read files, make edits, and run commands with network access without approval prompts, use `--sandbox danger-full-access` (or the `--dangerously-bypass-approvals-and-sandbox` flag). Use caution before doing so.82If you need Codex to read files, make edits, and run commands with network access without approval prompts, use `--sandbox danger-full-access` (or the `--dangerously-bypass-approvals-and-sandbox` flag). Use caution before doing so.

82 83

83For a middle ground, `approval_policy = { reject = { ... } }` lets you auto-reject specific approval prompt categories (sandbox escalation, execpolicy-rule prompts, or MCP elicitations) while keeping other prompts interactive.84For a middle ground, `approval_policy = { granular = { ... } }` lets you keep specific approval prompt categories interactive while automatically rejecting others. The granular policy covers sandbox approvals, execpolicy-rule prompts, MCP elicitations, `request_permissions` prompts, and skill-script approvals.

84 85

85### Common sandbox and approval combinations86### Common sandbox and approval combinations

86 87

110[sandbox_workspace_write]111[sandbox_workspace_write]

111network_access = true112network_access = true

112 113

113# Optional: granular approval prompt auto-rejection114# Optional: granular approval policy

114# approval_policy = { reject = { sandbox_approval = true, rules = false, mcp_elicitations = false } }115# approval_policy = { granular = {

116# sandbox_approval = true,

117# rules = true,

118# mcp_elicitations = true,

119# request_permissions = false,

120# skill_approval = false

121# } }

115```122```

116 123

117You can also save presets as profiles, then select them with `codex --profile <name>`:124You can also save presets as profiles, then select them with `codex --profile <name>`:

144Codex enforces the sandbox differently depending on your OS:151Codex enforces the sandbox differently depending on your OS:

145 152

146- **macOS** uses Seatbelt policies and runs commands using `sandbox-exec` with a profile (`-p`) that corresponds to the `--sandbox` mode you selected. When restricted read access enables platform defaults, Codex appends a curated macOS platform policy (instead of broadly allowing `/System`) to preserve common tool compatibility.153- **macOS** uses Seatbelt policies and runs commands using `sandbox-exec` with a profile (`-p`) that corresponds to the `--sandbox` mode you selected. When restricted read access enables platform defaults, Codex appends a curated macOS platform policy (instead of broadly allowing `/System`) to preserve common tool compatibility.

147- **Linux** uses `Landlock` plus `seccomp` by default. You can opt into the alternative Linux sandbox pipeline with `features.use_linux_sandbox_bwrap = true` (or `-c use_linux_sandbox_bwrap=true`). In managed proxy mode, the bwrap pipeline routes egress through a proxy-only bridge and fails closed if it cannot build valid loopback proxy routes; landlock-only flows do not use that bridge behavior.154- **Linux** uses the bubblewrap pipeline plus `seccomp` by default. `use_legacy_landlock` is available when you need the older path. In managed proxy mode, the default bubblewrap pipeline routes egress through a proxy-only bridge and fails closed if it cannot build valid loopback proxy routes.

148- **Windows** uses the Linux sandbox implementation when running in [Windows Subsystem for Linux (WSL)](https://developers.openai.com/codex/windows#windows-subsystem-for-linux). When running natively on Windows, Codex uses a [Windows sandbox](https://developers.openai.com/codex/windows#windows-sandbox) implementation.155- **Windows** uses the Linux sandbox implementation when running in [Windows Subsystem for Linux (WSL)](https://developers.openai.com/codex/windows#windows-subsystem-for-linux). When running natively on Windows, Codex uses a [Windows sandbox](https://developers.openai.com/codex/windows#windows-sandbox) implementation.

149 156

150If you use the Codex IDE extension on Windows, it supports WSL directly. Set the following in your VS Code settings to keep the agent inside WSL whenever it’s available:157If you use the Codex IDE extension on Windows, it supports WSL directly. Set the following in your VS Code settings to keep the agent inside WSL whenever it’s available:

162```toml169```toml

163[windows]170[windows]

164sandbox = "unelevated" # or "elevated"171sandbox = "unelevated" # or "elevated"

172# sandbox_private_desktop = true # default; set false only for compatibility

165```173```

166 174

167See the [Windows setup guide](https://developers.openai.com/codex/windows#windows-sandbox) for details.175See the [Windows setup guide](https://developers.openai.com/codex/windows#windows-sandbox) for details.

ambassadors.md +0 −58 deleted

File DeletedView Diff

~~1# Codex Ambassadors~~

~~3Codex is rapidly becoming one of the most powerful ways to build,~~

~~4driven by builders who share real-world workflows and lessons with~~

~~5each other.~~

~~7Codex Ambassadors are community organizers, open-source maintainers,~~

~~8student leaders, and power users who actively spread what works, make~~

~~9Codex easier to adopt in practice, and help shape where it goes next.~~

~~11[Apply Today](https://openai.com/form/codex-ambassadors)~~

~~13[Upcoming Meetups](https://developers.openai.com/codex/community/meetups)~~

15![Codex Ambassadors leading a community workshop](/images/codex/ambassadors/ambassadors-18.jpg) ![Builders collaborating during a Codex Ambassador event](/images/codex/ambassadors/ambassadors-25.jpg)

~~17Ambassadors run hands-on meetups, workshops, and community sessions~~

~~18around the world.~~

~~20## What you’ll do~~

~~22As a Codex Ambassador, you’ll join a small global cohort and partner~~

~~23with OpenAI to:~~

~~25- Run hands-on Codex events in your local community~~

~~26- Create reusable learning assets others can build on~~

~~27- Experiment with ideas to grow and support builder communities~~

~~28- Share candid, real-world feedback directly with the Codex team~~

~~30## Who should apply~~

~~32We’re looking for people with hands-on experience leading or~~

~~33supporting developer communities, like running meetups, maintaining~~

~~34open-source projects, teaching workshops, or regularly helping~~

~~35others learn how to build.~~

~~37## Support from OpenAI~~

~~39- Codex credits to support your own work and power local events~~

~~40- Ready-to-use starter kits you can tailor to your community~~

~~41- A direct line to fellow Ambassadors and the Codex team for~~

~~42 collaboration and feedback~~

~~43- Invitations to future exclusive events where you can meet the~~

~~44 Codex team~~

~~45- Exclusive swag and a honorarium for your time and contributions~~

~~47This is a two-way program, and will also evolve our support based on~~

~~48what the cohort learns on the ground.~~

~~50**Time commitment:** ~2–4 hours per week~~

~~52## Bring your community with you~~

~~54If you like bringing people together to build, learn, and share,~~

~~55and you're excited to help shape what a great ambassador program~~

~~56can be, we'd love to hear from you.~~

~~58[Start your application](https://openai.com/form/codex-ambassadors)~~

app-server.md +16 −10

Details

21Requests include `method`, `params`, and `id`:21Requests include `method`, `params`, and `id`:

22 22

23```json23```json

~~24{ "method": "thread/start", "id": 10, "params": { "model": "gpt-5.1-codex" } }~~24{ "method": "thread/start", "id": 10, "params": { "model": "gpt-5.4" } }

25```25```

26 26

27Responses echo the `id` with either `result` or `error`:27Responses echo the `id` with either `result` or `error`:

99 },99 },

100});100});

101send({ method: "initialized", params: {} });101send({ method: "initialized", params: {} });

102send({ method: "thread/start", id: 1, params: { model: "gpt-5.1-codex" } });102send({ method: "thread/start", id: 1, params: { model: "gpt-5.4" } });

103```103```

104 104

105## Core primitives105## Core primitives

123 123

124Clients must send a single `initialize` request per transport connection before invoking any other method on that connection, then acknowledge with an `initialized` notification. Requests sent before initialization receive a `Not initialized` error, and repeated `initialize` calls on the same connection return `Already initialized`.124Clients must send a single `initialize` request per transport connection before invoking any other method on that connection, then acknowledge with an `initialized` notification. Requests sent before initialization receive a `Not initialized` error, and repeated `initialize` calls on the same connection return `Already initialized`.

125 125

126The server returns the user agent string it will present to upstream services. Set `clientInfo` to identify your integration.126The server returns the user agent string it will present to upstream services plus `platformFamily` and `platformOs` values that describe the runtime target. Set `clientInfo` to identify your integration.

127 127

128`initialize.params.capabilities` also supports per-connection notification opt-out via `optOutNotificationMethods`, which is a list of exact method names to suppress for that connection. Matching is exact (no wildcards/prefixes). Unknown method names are accepted and ignored.128`initialize.params.capabilities` also supports per-connection notification opt-out via `optOutNotificationMethods`, which is a list of exact method names to suppress for that connection. Matching is exact (no wildcards/prefixes). Unknown method names are accepted and ignored.

129 129

159 },159 },

160 "capabilities": {160 "capabilities": {

161 "experimentalApi": true,161 "experimentalApi": true,

162 "optOutNotificationMethods": [162 "optOutNotificationMethods": ["thread/started", "item/agentMessage/delta"]

163 "codex/event/session_configured",

164 "item/agentMessage/delta"

165 ]

166 }163 }

167 }164 }

168}165}

204- `thread/read` - read a stored thread by id without resuming it; set `includeTurns` to return full turn history. Returned `thread` objects include runtime `status`.201- `thread/read` - read a stored thread by id without resuming it; set `includeTurns` to return full turn history. Returned `thread` objects include runtime `status`.

205- `thread/list` - page through stored thread logs; supports cursor-based pagination plus `modelProviders`, `sourceKinds`, `archived`, and `cwd` filters. Returned `thread` objects include runtime `status`.202- `thread/list` - page through stored thread logs; supports cursor-based pagination plus `modelProviders`, `sourceKinds`, `archived`, and `cwd` filters. Returned `thread` objects include runtime `status`.

206- `thread/loaded/list` - list the thread ids currently loaded in memory.203- `thread/loaded/list` - list the thread ids currently loaded in memory.

204- `thread/name/set` - set or update a thread's user-facing name for a loaded thread or a persisted rollout; emits `thread/name/updated`.

207- `thread/archive` - move a thread's log file into the archived directory; returns `{}` on success and emits `thread/archived`.205- `thread/archive` - move a thread's log file into the archived directory; returns `{}` on success and emits `thread/archived`.

208- `thread/unsubscribe` - unsubscribe this connection from thread turn/item events. If this was the last subscriber, the server unloads the thread and emits `thread/closed`.206- `thread/unsubscribe` - unsubscribe this connection from thread turn/item events. If this was the last subscriber, the server unloads the thread and emits `thread/closed`.

209- `thread/unarchive` - restore an archived thread rollout back into the active sessions directory; returns the restored `thread` and emits `thread/unarchived`.207- `thread/unarchive` - restore an archived thread rollout back into the active sessions directory; returns the restored `thread` and emits `thread/unarchived`.

215- `turn/interrupt` - request cancellation of an in-flight turn; success is `{}` and the turn ends with `status: "interrupted"`.213- `turn/interrupt` - request cancellation of an in-flight turn; success is `{}` and the turn ends with `status: "interrupted"`.

216- `review/start` - kick off the Codex reviewer for a thread; emits `enteredReviewMode` and `exitedReviewMode` items.214- `review/start` - kick off the Codex reviewer for a thread; emits `enteredReviewMode` and `exitedReviewMode` items.

217- `command/exec` - run a single command under the server sandbox without starting a thread/turn.215- `command/exec` - run a single command under the server sandbox without starting a thread/turn.

216- `command/exec/write` - write stdin bytes to a running `command/exec` session or close stdin.

217- `command/exec/resize` - resize a running PTY-backed `command/exec` session.

218- `command/exec/terminate` - terminate a running `command/exec` session.

218- `model/list` - list available models (set `includeHidden: true` to include entries with `hidden: true`) with effort options, optional `upgrade`, and `inputModalities`.219- `model/list` - list available models (set `includeHidden: true` to include entries with `hidden: true`) with effort options, optional `upgrade`, and `inputModalities`.

219- `experimentalFeature/list` - list feature flags with lifecycle stage metadata and cursor pagination.220- `experimentalFeature/list` - list feature flags with lifecycle stage metadata and cursor pagination.

220- `collaborationMode/list` - list collaboration mode presets (experimental, no pagination).221- `collaborationMode/list` - list collaboration mode presets (experimental, no pagination).

221- `skills/list` - list skills for one or more `cwd` values (supports `forceReload` and optional `perCwdExtraUserRoots`).222- `skills/list` - list skills for one or more `cwd` values (supports `forceReload` and optional `perCwdExtraUserRoots`).

223- `plugin/list` - list discovered plugin marketplaces and plugin state, including install/auth policy metadata.

224- `plugin/read` - read one plugin by marketplace path and plugin name, including bundled skills, apps, and MCP server names.

222- `app/list` - list available apps (connectors) with pagination plus accessibility/enabled metadata.225- `app/list` - list available apps (connectors) with pagination plus accessibility/enabled metadata.

223- `skills/config/write` - enable or disable skills by path.226- `skills/config/write` - enable or disable skills by path.

224- `mcpServer/oauth/login` - start an OAuth login for a configured MCP server; returns an authorization URL and emits `mcpServer/oauthLogin/completed` on completion.227- `mcpServer/oauth/login` - start an OAuth login for a configured MCP server; returns an authorization URL and emits `mcpServer/oauthLogin/completed` on completion.

233- `config/value/write` - write a single configuration key/value to the user's `config.toml` on disk.236- `config/value/write` - write a single configuration key/value to the user's `config.toml` on disk.

234- `config/batchWrite` - apply configuration edits atomically to the user's `config.toml` on disk.237- `config/batchWrite` - apply configuration edits atomically to the user's `config.toml` on disk.

235- `configRequirements/read` - fetch requirements from `requirements.toml` and/or MDM, including allow-lists, pinned `featureRequirements`, and residency/network requirements (or `null` if you haven't set any up).238- `configRequirements/read` - fetch requirements from `requirements.toml` and/or MDM, including allow-lists, pinned `featureRequirements`, and residency/network requirements (or `null` if you haven't set any up).

239- `fs/readFile`, `fs/writeFile`, `fs/createDirectory`, `fs/getMetadata`, `fs/readDirectory`, `fs/remove`, and `fs/copy` - operate on absolute filesystem paths through the app-server v2 filesystem API.

236 240

237## Models241## Models

238 242

315 319

316```json320```json

317{ "method": "thread/start", "id": 10, "params": {321{ "method": "thread/start", "id": 10, "params": {

318 "model": "gpt-5.1-codex",322 "model": "gpt-5.4",

319 "cwd": "/Users/me/project",323 "cwd": "/Users/me/project",

320 "approvalPolicy": "never",324 "approvalPolicy": "never",

321 "sandbox": "workspaceWrite",325 "sandbox": "workspaceWrite",

570 "writableRoots": ["/Users/me/project"],574 "writableRoots": ["/Users/me/project"],

571 "networkAccess": true575 "networkAccess": true

572 },576 },

573 "model": "gpt-5.1-codex",577 "model": "gpt-5.4",

574 "effort": "medium",578 "effort": "medium",

575 "summary": "concise",579 "summary": "concise",

576 "personality": "friendly",580 "personality": "friendly",

713- The server rejects empty `command` arrays.717- The server rejects empty `command` arrays.

714- `sandboxPolicy` accepts the same shape used by `turn/start` (for example, `dangerFullAccess`, `readOnly`, `workspaceWrite`, `externalSandbox`).718- `sandboxPolicy` accepts the same shape used by `turn/start` (for example, `dangerFullAccess`, `readOnly`, `workspaceWrite`, `externalSandbox`).

715- When omitted, `timeoutMs` falls back to the server default.719- When omitted, `timeoutMs` falls back to the server default.

720- Set `tty: true` for PTY-backed sessions, and use `processId` when you plan to follow up with `command/exec/write`, `command/exec/resize`, or `command/exec/terminate`.

721- Set `streamStdoutStderr: true` to receive `command/exec/outputDelta` notifications while the command is running.

716 722

717### Read admin requirements (`configRequirements/read`)723### Read admin requirements (`configRequirements/read`)

718 724

773 779

774- Exact-match only: `item/agentMessage/delta` suppresses only that method.780- Exact-match only: `item/agentMessage/delta` suppresses only that method.

775- Unknown method names are ignored.781- Unknown method names are ignored.

776- Applies to both legacy (`codex/event/*`) and v2 (`thread/*`, `turn/*`, `item/*`, etc.) notifications.782- Applies to the current `thread/*`, `turn/*`, `item/*`, and related v2 notifications.

777- Doesn't apply to requests, responses, or errors.783- Doesn't apply to requests, responses, or errors.

778 784

779### Fuzzy file search events (experimental)785### Fuzzy file search events (experimental)

app/commands.md +18 −0

Details

48| `/review` | Start code review mode to review uncommitted changes or compare against a base branch. |48| `/review` | Start code review mode to review uncommitted changes or compare against a base branch. |

49| `/status` | Show the thread ID, context usage, and rate limits. |49| `/status` | Show the thread ID, context usage, and rate limits. |

50 50

51## Deeplinks

53The Codex app registers the `codex://` URL scheme so links can open specific parts of the app directly.

55| Deeplink | Opens | Supported query parameters |

56| --- | --- | --- |

57| `codex://settings` | Settings. | None. |

58| `codex://skills` | Skills. | None. |

59| `codex://automations` | Inbox in automation create mode. | None. |

60| `codex://threads/<thread-id>` | A local thread. `<thread-id>` must be a UUID. | None. |

61| `codex://new` | A new thread. | Optional: `prompt`, `originUrl`, `path`. |

63For new-thread deeplinks:

65- `prompt` prefills the composer.

66- `path` must be an absolute path to a local directory and, when valid, makes that directory the active workspace for the new thread.

67- `originUrl` tries to match one of your current workspace roots by Git remote URL. If both `path` and `originUrl` are present, Codex resolves `path` first.

51## See also69## See also

52 70

53- [Features](https://developers.openai.com/codex/app/features)71- [Features](https://developers.openai.com/codex/app/features)

app/features.md +3 −1

Details

85pressing <kbd>Cmd</kbd>+<kbd>J</kbd>.85pressing <kbd>Cmd</kbd>+<kbd>J</kbd>.

86 86

87Use the terminal to validate changes, run scripts, and perform Git operations87Use the terminal to validate changes, run scripts, and perform Git operations

~~88without leaving the app.~~88without leaving the app. Codex can also read the current terminal output, so

89it can check the status of a running development server or refer back to a

90failed build while it works with you.

89 91

90Common tasks include:92Common tasks include:

91 93

auth.md +19 −0

Details

91 91

92These settings are commonly applied via managed configuration rather than per-user setup. See [Managed configuration](https://developers.openai.com/codex/enterprise/managed-configuration).92These settings are commonly applied via managed configuration rather than per-user setup. See [Managed configuration](https://developers.openai.com/codex/enterprise/managed-configuration).

93 93

94## Login diagnostics

96Direct `codex login` runs write a dedicated `codex-login.log` file under

97your configured log directory. Use it when you need to debug browser-login or

98device-code failures, or when support asks for login-specific logs.

100## Custom CA bundles

101

102If your network uses a corporate TLS proxy or private root CA, set

103`CODEX_CA_CERTIFICATE` to a PEM bundle before logging in. When

104`CODEX_CA_CERTIFICATE` is unset, Codex falls back to `SSL_CERT_FILE`. The same

105custom CA settings apply to login, normal HTTPS requests, and secure websocket

106connections.

107

108```shell

109export CODEX_CA_CERTIFICATE=/path/to/corporate-root-ca.pem

110codex login

111```

112

94## Login on headless devices113## Login on headless devices

95 114

96If you are signing in to ChatGPT with the Codex CLI, there are some situations where the browser-based login UI may not work:115If you are signing in to ChatGPT with the Codex CLI, there are some situations where the browser-based login UI may not work:

cli.md +4 −4

Details

3Codex CLI is OpenAI's coding agent that you can run locally from your terminal. It can read, change, and run code on your machine in the selected directory.3Codex CLI is OpenAI's coding agent that you can run locally from your terminal. It can read, change, and run code on your machine in the selected directory.

4It's [open source](https://github.com/openai/codex) and built in Rust for speed and efficiency.4It's [open source](https://github.com/openai/codex) and built in Rust for speed and efficiency.

5 5

~~6Codex is included with ChatGPT Plus, Pro, Business, Edu, and Enterprise plans. Learn more about [what’s included](https://developers.openai.com/codex/pricing).~~6ChatGPT Plus, Pro, Business, Edu, and Enterprise plans include Codex. Learn more about [what's included](https://developers.openai.com/codex/pricing).

7 7

8## CLI setup8## CLI setup

9 9

61 61

62Attach screenshots or design specs so Codex reads them alongside your prompt.](https://developers.openai.com/codex/cli/features#image-inputs)[### Run local code review62Attach screenshots or design specs so Codex reads them alongside your prompt.](https://developers.openai.com/codex/cli/features#image-inputs)[### Run local code review

63 63

~~64Get your code reviewed by a separate Codex agent before you commit or push your changes.](https://developers.openai.com/codex/cli/features#running-local-code-review)[### Use multi-agent~~64Get your code reviewed by a separate Codex agent before you commit or push your changes.](https://developers.openai.com/codex/cli/features#running-local-code-review)[### Use subagents

65 65

~~66Enable experimental multi-agent collaboration and parallelize complex tasks.](https://developers.openai.com/codex/multi-agent)[### Web search~~66Use subagents to parallelize complex tasks.](https://developers.openai.com/codex/subagents)[### Web search

67 67

68Use Codex to search the web and get up-to-date information for your task.](https://developers.openai.com/codex/cli/features#web-search)[### Codex Cloud tasks68Use Codex to search the web and get up-to-date information for your task.](https://developers.openai.com/codex/cli/features#web-search)[### Codex Cloud tasks

69 69

70Launch a Codex Cloud task, choose environments, and apply the resulting diffs without leaving your terminal.](https://developers.openai.com/codex/cli/features#working-with-codex-cloud)[### Scripting Codex70Launch a Codex Cloud task, choose environments, and apply the resulting diffs without leaving your terminal.](https://developers.openai.com/codex/cli/features#working-with-codex-cloud)[### Scripting Codex

71 71

~~72Automate repeatable workflows by scripting Codex with the `exec` command.](https://developers.openai.com/codex/sdk#using-codex-cli-programmatically)[### Model Context Protocol~~72Automate repeatable workflows by scripting Codex with the `exec` command.](https://developers.openai.com/codex/noninteractive)[### Model Context Protocol

73 73

74Give Codex access to additional third-party tools and context with Model Context Protocol (MCP).](https://developers.openai.com/codex/mcp)[### Approval modes74Give Codex access to additional third-party tools and context with Model Context Protocol (MCP).](https://developers.openai.com/codex/mcp)[### Approval modes

75 75

cli/features.md +13 −4

Details

20 20

21- Send prompts, code snippets, or screenshots (see [image inputs](#image-inputs)) directly into the composer.21- Send prompts, code snippets, or screenshots (see [image inputs](#image-inputs)) directly into the composer.

22- Watch Codex explain its plan before making a change, and approve or reject steps inline.22- Watch Codex explain its plan before making a change, and approve or reject steps inline.

~~23- Read syntax-highlighted markdown code blocks and diffs in the TUI, then use `/theme` to preview and save a preferred color theme.~~23- Read syntax-highlighted markdown code blocks and diffs in the TUI, then use `/theme` to preview and save a preferred theme.

24- Use `/clear` to wipe the terminal and start a fresh chat, or press <kbd>Ctrl</kbd>+<kbd>L</kbd> to clear the screen without starting a new conversation.24- Use `/clear` to wipe the terminal and start a fresh chat, or press <kbd>Ctrl</kbd>+<kbd>L</kbd> to clear the screen without starting a new conversation.

25- Use `/copy` to copy the latest completed Codex output. If a turn is still running, Codex copies the most recent finished output instead of in-progress text.25- Use `/copy` to copy the latest completed Codex output. If a turn is still running, Codex copies the most recent finished output instead of in-progress text.

26- Navigate draft history in the composer with <kbd>Up</kbd>/<kbd>Down</kbd>; Codex restores prior draft text and image placeholders.26- Navigate draft history in the composer with <kbd>Up</kbd>/<kbd>Down</kbd>; Codex restores prior draft text and image placeholders.

46 46

47## Models and reasoning47## Models and reasoning

48 48

49For most tasks in Codex, `gpt-5.4` is the recommended model. It brings the industry-leading coding capabilities of `gpt-5.3-codex` to OpenAI’s flagship frontier model, combining frontier coding performance with stronger reasoning, native computer use, and broader professional workflows. For extra fast tasks, ChatGPT Pro subscribers have access to the GPT-5.3-Codex-Spark model in research preview.49For most tasks in Codex, `gpt-5.4` is the recommended model. It brings the

50industry-leading coding capabilities of `gpt-5.3-codex` to OpenAI’s flagship

51frontier model, combining frontier coding performance with stronger reasoning,

52native computer use, and broader professional workflows. For extra fast tasks,

53ChatGPT Pro subscribers have access to the GPT-5.3-Codex-Spark model in

54research preview.

50 55

51Switch models mid-session with the `/model` command, or specify one when launching the CLI.56Switch models mid-session with the `/model` command, or specify one when launching the CLI.

52 57

68 73

69`codex features enable <feature>` and `codex features disable <feature>` write to `~/.codex/config.toml`. If you launch Codex with `--profile`, Codex stores the change in that profile rather than the root configuration.74`codex features enable <feature>` and `codex features disable <feature>` write to `~/.codex/config.toml`. If you launch Codex with `--profile`, Codex stores the change in that profile rather than the root configuration.

70 75

~~71## Multi-agents (experimental)~~76## Subagents

72 77

73Use Codex multi-agent workflows to parallelize larger tasks. For setup, role configuration (`[agents]` in `config.toml`), and examples, see [Multi-agents](https://developers.openai.com/codex/multi-agent).78Use Codex subagent workflows to parallelize larger tasks. For setup, role configuration (`[agents]` in `config.toml`), and examples, see [Subagents](https://developers.openai.com/codex/subagents).

80Codex only spawns subagents when you explicitly ask it to. Because each

81subagent does its own model and tool work, subagent workflows consume more

82tokens than comparable single-agent runs.

74 83

75## Image inputs84## Image inputs

76 85

cli/slash-commands.md +13 −5

Details

8This guide shows you how to:8This guide shows you how to:

9 9

10- Find the right built-in slash command for a task10- Find the right built-in slash command for a task

~~11- Steer an active session with commands like `/model`, `/personality`,~~11- Steer an active session with commands like `/model`, `/fast`,

~~12 `/permissions`, `/experimental`, `/agent`, and `/status`~~12 `/personality`, `/permissions`, `/agent`, and `/status`

13 13

14## Built-in slash commands14## Built-in slash commands

15 15

20| ------------------------------------------------------------------------------- | --------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- |20| ------------------------------------------------------------------------------- | --------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------- |

21| [`/permissions`](#update-permissions-with-permissions) | Set what Codex can do without asking first. | Relax or tighten approval requirements mid-session, such as switching between Auto and Read Only. |21| [`/permissions`](#update-permissions-with-permissions) | Set what Codex can do without asking first. | Relax or tighten approval requirements mid-session, such as switching between Auto and Read Only. |

22| [`/sandbox-add-read-dir`](#grant-sandbox-read-access-with-sandbox-add-read-dir) | Grant sandbox read access to an extra directory (Windows only). | Unblock commands that need to read an absolute directory path outside the current readable roots. |22| [`/sandbox-add-read-dir`](#grant-sandbox-read-access-with-sandbox-add-read-dir) | Grant sandbox read access to an extra directory (Windows only). | Unblock commands that need to read an absolute directory path outside the current readable roots. |

26| [`/compact`](#keep-transcripts-lean-with-compact) | Summarize the visible conversation to free tokens. | Use after long runs so Codex retains key points without blowing the context window. |26| [`/compact`](#keep-transcripts-lean-with-compact) | Summarize the visible conversation to free tokens. | Use after long runs so Codex retains key points without blowing the context window. |

32| [`/init`](#generate-agentsmd-with-init) | Generate an `AGENTS.md` scaffold in the current directory. | Capture persistent instructions for the repository or subdirectory you're working in. |32| [`/init`](#generate-agentsmd-with-init) | Generate an `AGENTS.md` scaffold in the current directory. | Capture persistent instructions for the repository or subdirectory you're working in. |

36| [`/model`](#set-the-active-model-with-model) | Choose the active model (and reasoning effort, when available). | Switch between general-purpose models (`gpt-4.1-mini`) and deeper reasoning models before running a task. |36| [`/model`](#set-the-active-model-with-model) | Choose the active model (and reasoning effort, when available). | Switch between general-purpose models (`gpt-4.1-mini`) and deeper reasoning models before running a task. |

37| [`/fast`](#toggle-fast-mode-with-fast) | Toggle Fast mode for GPT-5.4. | Turn Fast mode on or off, or check whether the current thread is using it. |

37| [`/plan`](#switch-to-plan-mode-with-plan) | Switch to plan mode and optionally send a prompt. | Ask Codex to propose an execution plan before implementation work starts. |38| [`/plan`](#switch-to-plan-mode-with-plan) | Switch to plan mode and optionally send a prompt. | Ask Codex to propose an execution plan before implementation work starts. |

38| [`/personality`](#set-a-communication-style-with-personality) | Choose a communication style for responses. | Make Codex more concise, more explanatory, or more collaborative without changing your instructions. |39| [`/personality`](#set-a-communication-style-with-personality) | Choose a communication style for responses. | Make Codex more concise, more explanatory, or more collaborative without changing your instructions. |

39| [`/ps`](#check-background-terminals-with-ps) | Show experimental background terminals and their recent output. | Check long-running commands without leaving the main transcript. |40| [`/ps`](#check-background-terminals-with-ps) | Show experimental background terminals and their recent output. | Check long-running commands without leaving the main transcript. |

63 64

64Expected: Codex confirms the new model in the transcript. Run `/status` to verify the change.65Expected: Codex confirms the new model in the transcript. Run `/status` to verify the change.

65 66

67### Toggle Fast mode with `/fast`

691. Type `/fast on`, `/fast off`, or `/fast status`.

702. If you want the setting to persist, confirm the update when Codex offers to save it.

72Expected: Codex reports whether Fast mode is on or off for the current thread. In the TUI footer, you can also show a Fast mode status-line item with `/statusline`.

66### Set a communication style with `/personality`74### Set a communication style with `/personality`

67 75

68Use `/personality` to change how Codex communicates without rewriting your prompt.76Use `/personality` to change how Codex communicates without rewriting your prompt.

92### Toggle experimental features with `/experimental`100### Toggle experimental features with `/experimental`

93 101

941. Type `/experimental` and press Enter.1021. Type `/experimental` and press Enter.

~~952. Toggle the features you want (for example, **Multi-agents**), then restart Codex.~~1032. Toggle the features you want (for example, Apps or Smart Approvals), then restart Codex if the prompt asks you to.

96 104

97Expected: Codex saves your feature choices to config and applies them on restart.105Expected: Codex saves your feature choices to config and applies them on restart.

98 106

codex.md +3 −3

Details

22 22

23 Learn more](https://developers.openai.com/codex/explore) [### Community23 Learn more](https://developers.openai.com/codex/explore) [### Community

24 24

~~25Explore Codex Ambassadors and upcoming community meetups by location.~~25Read community posts, explore meetups, and connect with Codex builders.

26 26

~~27 See community](https://developers.openai.com/codex/community/meetups) [### Codex for OSS~~27 See community](/community) [### Codex for Open Source

28 28

29Apply or nominate maintainers for API credits, ChatGPT Pro with Codex, and selective Codex Security access.29Apply or nominate maintainers for API credits, ChatGPT Pro with Codex, and selective Codex Security access.

30 30

~~31 Learn more](https://developers.openai.com/codex/community/codex-for-oss)~~31 Learn more](https://developers.openai.com/community/codex-for-oss)

codex-for-oss-terms.md +1 −1

Details

1# Codex for Open Source Program Terms1# Codex for Open Source Program Terms

2 2

3These Program Terms govern the Codex for Open Source program (the “Program”) offered by OpenAI OpCo, LLC and its affiliates (“OpenAI,” “we,” “our,” or “us”). By submitting an application to the Program or accepting any Program benefit, you agree to these Program Terms.3These Program Terms govern the Codex for OSS program (the "Program") offered by OpenAI OpCo, LLC and its affiliates ("OpenAI," "we," "our," or "us"). By submitting an application to the Program or accepting any Program benefit, you agree to these Program Terms.

4 4

5These Program Terms supplement, and do not replace, the OpenAI Terms of Use, Privacy Policy, applicable service terms, and OpenAI policies that govern your use of ChatGPT, Codex, the API, and any other OpenAI services made available through the Program. If there is a conflict, these Program Terms control only with respect to the Program.5These Program Terms supplement, and do not replace, the OpenAI Terms of Use, Privacy Policy, applicable service terms, and OpenAI policies that govern your use of ChatGPT, Codex, the API, and any other OpenAI services made available through the Program. If there is a conflict, these Program Terms control only with respect to the Program.

6 6

community/codex-for-oss.md +0 −19 deleted

File DeletedView Diff

~~1# Codex for Open Source~~

3Open-source maintainers do critical work, often behind the scenes, to keep the software ecosystem healthy. Over the past year, the Codex Open Source Fund ($1 million) has supported projects that need API credits, including teams using Codex to power GitHub pull request workflows. OpenAI is grateful to the maintainers who keep that work moving.

5The fund now supports eligible maintainers by offering six months of ChatGPT Pro with Codex and conditional access to Codex Security for core maintainers with write access. Developers should code in the tools they prefer, whether that’s Codex, [OpenCode](https://github.com/anomalyco/opencode), [Cline](https://github.com/cline/cline), [pi](https://github.com/badlogic/pi-mono/tree/main/packages/coding-agent), [OpenClaw](https://github.com/openclaw/openclaw), or something else, and this program supports that work.

~~7## What the program includes~~

~~9- Six months of ChatGPT Pro with Codex for day-to-day coding, triage, review, and maintainer workflows~~

~~10- Conditional access to Codex Security for repositories that need deeper security coverage~~

~~11- API credits through the Codex Open Source Fund for projects that use Codex in pull request review, maintainer automation, release workflows, or other core OSS work~~

~~13Given GPT-5.4’s capabilities, the team reviews Codex Security access case by case to ensure these workflows get the care and diligence they require.~~

~~15If you’re a core maintainer or run a widely used public project, apply. If your project doesn’t fit the criteria but it plays an important role in the ecosystem, apply anyway and explain why.~~

~~17By submitting an application, you agree to the [Codex for Open Source Program Terms](https://developers.openai.com/codex/codex-for-oss-terms).~~

~~19[Apply today!](https://openai.com/form/codex-for-oss/)~~

community/meetups.md +0 −17 deleted

File DeletedView Diff

~~1# Codex Meetups~~

~~3Apr 8~~

~~5![Stylized city cover for Mexico City](https://developers.openai.com/codex/meetups/mexico-city.webp)~~

~~7UpcomingApr 8~~

~~9Mexico City, Mexico~~

~~11### Mexico City~~

~~13April 8, 2026~~

~~15Hosted by [Ben Kim](https://ben-k.im) and [Javier Rivero](https://www.linkedin.com/in/javierriveroe)~~

~~17[Register now](https://luma.com/suipk589)[Share city](https://developers.openai.com/codex/community/meetups?city=Mexico%20City)~~

concepts/customization.md +18 −12

Details

7- **Project guidance (`AGENTS.md`)** for persistent instructions7- **Project guidance (`AGENTS.md`)** for persistent instructions

8- **Skills** for reusable workflows and domain expertise8- **Skills** for reusable workflows and domain expertise

9- **[MCP](https://developers.openai.com/codex/mcp)** for access to external tools and shared systems9- **[MCP](https://developers.openai.com/codex/mcp)** for access to external tools and shared systems

~~10- **[Multi-agents](https://developers.openai.com/codex/concepts/multi-agents)** for delegating work to specialized sub-agents~~10- **[Subagents](https://developers.openai.com/codex/concepts/subagents)** for delegating work to specialized subagents

11 11

12These are complementary, not competing. `AGENTS.md` shapes behavior, skills package repeatable processes, and [MCP](https://developers.openai.com/codex/mcp) connects Codex to systems outside the local workspace.12These are complementary, not competing. `AGENTS.md` shapes behavior, skills package repeatable processes, and [MCP](https://developers.openai.com/codex/mcp) connects Codex to systems outside the local workspace.

13 13

19 19

20- Build and test commands20- Build and test commands

21- Review expectations21- Review expectations

~~22- Repo-specific conventions~~22- repo-specific conventions

23- Directory-specific instructions23- Directory-specific instructions

24 24

25When the agent makes incorrect assumptions about your codebase, correct them in `AGENTS.md` and ask the agent to update `AGENTS.md` so the fix persists. Treat it as a feedback loop.25When the agent makes incorrect assumptions about your codebase, correct them in `AGENTS.md` and ask the agent to update `AGENTS.md` so the fix persists. Treat it as a feedback loop.

44 - AGENTS.md Global (for you as a developer)44 - AGENTS.md Global (for you as a developer)

45- repo-root/45- repo-root/

46 46

~~47 - AGENTS.md Repo-specific (for your team)~~47 - AGENTS.md repo-specific (for your team)

48 48

49[Custom instructions with AGENTS.md](https://developers.openai.com/codex/guides/agents-md)49[Custom instructions with AGENTS.md](https://developers.openai.com/codex/guides/agents-md)

50 50

54Skills are often the best fit for reusable workflows because they support richer instructions, scripts, and references while staying reusable across tasks.54Skills are often the best fit for reusable workflows because they support richer instructions, scripts, and references while staying reusable across tasks.

55Skills are loaded and visible to the agent (at least their metadata), so Codex can discover and choose them implicitly. This keeps rich workflows available without bloating context up front.55Skills are loaded and visible to the agent (at least their metadata), so Codex can discover and choose them implicitly. This keeps rich workflows available without bloating context up front.

56 56

57Use skill folders to author and iterate on workflows locally. If a plugin

58already exists for the workflow, install it first to reuse a proven setup. When

59you want to distribute your own workflow across teams or bundle it with app

60integrations, package it as a [plugin](https://developers.openai.com/codex/plugins/build). Skills remain the

61authoring format; plugins are the installable distribution unit.

57A skill is typically a `SKILL.md` file plus optional scripts, references, and assets.63A skill is typically a `SKILL.md` file plus optional scripts, references, and assets.

58 64

59- my-skill/65- my-skill/

89 95

91| :----- | :--------------------- | :--------------------------------------------- |97| :----- | :--------------------- | :--------------------------------------------- |

94 100

95Codex uses progressive disclosure for skills:101Codex uses progressive disclosure for skills:

105## MCP111## MCP

106 112

107MCP (Model Context Protocol) is the standard way to connect Codex to external tools and context providers.113MCP (Model Context Protocol) is the standard way to connect Codex to external tools and context providers.

108It’s especially useful for remotely hosted systems such as Figma, Linear, Jira, GitHub, or internal knowledge services your team depends on.114It's especially useful for remotely hosted systems such as Figma, Linear, GitHub, or internal knowledge services your team depends on.

109 115

110Use MCP when Codex needs capabilities that live outside the local repo, such as issue trackers, design tools, browsers, or shared documentation systems.116Use MCP when Codex needs capabilities that live outside the local repo, such as issue trackers, design tools, browsers, or shared documentation systems.

111 117

112A useful mental model:118One way to think about it:

113 119

114- **Host**: Codex120- **Host**: Codex

115- **Client**: the MCP connection inside Codex121- **Client**: the MCP connection inside Codex

129 135

130[Model Context Protocol](https://developers.openai.com/codex/mcp)136[Model Context Protocol](https://developers.openai.com/codex/mcp)

131 137

132## Multi-agents138## Subagents

133 139

134You can create different agents with different roles and prompt them to use tools differently. For example, one agent might run specific testing commands and configurations, while another has MCP servers that fetch production logs for debugging. Each sub-agent stays focused and uses the right tools for its job.140You can create different agents with different roles and prompt them to use tools differently. For example, one agent might run specific testing commands and configurations, while another has MCP servers that fetch production logs for debugging. Each subagent stays focused and uses the right tools for its job.

135 141

136[Multi-agents concepts](https://developers.openai.com/codex/concepts/multi-agents)142[Subagent concepts](https://developers.openai.com/codex/concepts/subagents)

137 143

138## Skills + MCP together144## Skills + MCP together

139 145

145Build in this order:151Build in this order:

146 152

1471. [Custom instructions with AGENTS.md](https://developers.openai.com/codex/guides/agents-md) so Codex follows your repo conventions. Add pre-commit hooks and linters to enforce those rules.1531. [Custom instructions with AGENTS.md](https://developers.openai.com/codex/guides/agents-md) so Codex follows your repo conventions. Add pre-commit hooks and linters to enforce those rules.

1482. [Skills](https://developers.openai.com/codex/skills) so you never have the same conversation twice. Skills can include a `scripts/` directory with CLI scripts or pair with [MCP](https://developers.openai.com/codex/mcp) for external systems.1542. Install a [plugin](https://developers.openai.com/codex/plugins) when a reusable workflow already exists. Otherwise, create a [skill](https://developers.openai.com/codex/skills) and package it as a plugin when you want to share it.

1493. [MCP](https://developers.openai.com/codex/mcp) when workflows need external systems (Linear, JIRA, docs servers, design tools).1553. [MCP](https://developers.openai.com/codex/mcp) when workflows need external systems (Linear, GitHub, docs servers, design tools).

1504. [Multi-agents](https://developers.openai.com/codex/multi-agent) when you’re ready to delegate noisy or specialized tasks to sub-agents.1564. [Subagents](https://developers.openai.com/codex/subagents) when you're ready to delegate noisy or specialized tasks to subagents.

concepts/multi-agents.md +0 −53 deleted

File DeletedView Diff

~~1# Multi-agents~~

~~3Codex can run multi-agent workflows by spawning specialized agents in parallel and collecting their results in one response.~~

~~5This page explains the core concepts and tradeoffs. For setup, agent configuration, and examples, see [Multi-agents](https://developers.openai.com/codex/multi-agent).~~

~~7## Why multi-agent workflows help~~

9Even with large context windows, models have limits. If you flood the main conversation (where you’re defining requirements, constraints, and decisions) with noisy intermediate output such as exploration notes, test logs, stack traces, and command output, the session can become less reliable over time.

~~11This is often described as:~~

~~13- **Context pollution**: useful information gets buried under noisy intermediate output.~~

~~14- **Context rot**: performance degrades as the conversation fills up with less relevant details.~~

~~16For background, see Chroma’s writeup on [context rot](https://research.trychroma.com/context-rot).~~

~~18Multi-agent workflows help by moving noisy work off the main thread:~~

~~20- Keep the **main agent** focused on requirements, decisions, and final outputs.~~

~~21- Run specialized **sub-agents** in parallel for exploration, tests, or log analysis.~~

~~22- Return **summaries** from sub-agents instead of raw intermediate output.~~

24As a starting point, use parallel agents for tasks that mostly read (exploration, tests, triage, and summarization). Be more careful with parallel write-heavy workflows, because multiple agents editing code at once can create conflicts and increase coordination overhead.

~~26## Core terms~~

~~28Codex uses a few related terms in multi-agent workflows:~~

~~30- **Multi-agent**: A workflow where Codex runs multiple agents in parallel and combines their results.~~

~~31- **Sub-agent**: A delegated agent that Codex starts to handle a specific task.~~

~~32- **Agent thread**: The CLI thread for an agent, which you can inspect and switch between with `/agent`.~~

~~34## Choosing models and reasoning~~

~~36Different agents benefit from different model and reasoning settings.~~

~~38`gpt-5.3-codex-spark` is available in research preview for ChatGPT Pro~~

~~39subscribers. See [Models](https://developers.openai.com/codex/models) for current availability. If you’re~~

~~40using Codex via the API, use GPT-5.2-Codex today.~~

~~42### Model choice~~

44- **`gpt-5.3-codex`**: Use for agents that need stronger reasoning, such as code review, security analysis, multi-step implementation, or tasks with ambiguous requirements. The main agent and agents that propose or apply edits usually fit here.

45- **`gpt-5.3-codex-spark`**: Use for agents that prioritize speed over depth, such as exploration, read-heavy scans, or quick summarization tasks. Spark works well for parallel workers that return distilled results to the main agent.

~~47### Reasoning effort (`model_reasoning_effort`)~~

~~49- **`high`**: Use when an agent needs to trace complex logic, validate assumptions, or work through edge cases (for example, reviewer or security-focused agents).~~

~~50- **`medium`**: A balanced default for most agents.~~

~~51- **`low`**: Use when the task is straightforward and speed matters most.~~

53Higher reasoning effort increases response time and token usage, but it can improve quality for complex work. For details, see [Models](https://developers.openai.com/codex/models), [Config basics](https://developers.openai.com/codex/config-basic), and [Configuration Reference](https://developers.openai.com/codex/config-reference).

concepts/sandboxing.md +37 −0

Details

36inside enforced limits. That makes it easier to let Codex work independently36inside enforced limits. That makes it easier to let Codex work independently

37while still knowing when it will stop and ask for help.37while still knowing when it will stop and ask for help.

38 38

39## Getting started

41Codex applies sandboxing automatically when you use the default permissions

42mode.

44### Prerequisites

46On **macOS**, sandboxing works out of the box using the built-in Seatbelt

47framework.

49On **Windows**, Codex uses the native [Windows

50sandbox](https://developers.openai.com/codex/windows#windows-sandbox) when you run in PowerShell and the

51Linux sandbox implementation when you run in WSL2.

53On **Linux and WSL2**, install `bubblewrap` with your package manager first:

55```bash

56sudo apt install bubblewrap

57```

59```bash

60sudo dnf install bubblewrap

61```

63Codex uses the system `bwrap` at `/usr/bin/bwrap` when it is available. If it

64is missing, Codex falls back to a bundled helper, but that helper requires

65unprivileged user namespaces. Installing your distro’s `bubblewrap` package is

66the most reliable setup.

68Codex surfaces a startup warning when `bwrap` is missing or cannot create user

69namespaces. On distributions that restrict them with AppArmor, you can enable

70them with:

72```bash

73sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0

74```

39## How you control it76## How you control it

40 77

41Most people start with the permissions controls in the product.78Most people start with the permissions controls in the product.

concepts/subagents.md +90 −0 added

Details

1# Subagents

3Codex can run subagent workflows by spawning specialized agents in parallel so

4they can explore, tackle, or analyze work concurrently.

6This page explains the core concepts and tradeoffs. For setup, agent configuration, and examples, see [Subagents](https://developers.openai.com/codex/subagents).

8## Why subagent workflows help

10Even with large context windows, models have limits. If you flood the main conversation (where you're defining requirements, constraints, and decisions) with noisy intermediate output such as exploration notes, test logs, stack traces, and command output, the session can become less reliable over time.

12This is often described as:

14- **Context pollution**: useful information gets buried under noisy intermediate output.

15- **Context rot**: performance degrades as the conversation fills up with less relevant details.

17For background, see the Chroma writeup on [context rot](https://research.trychroma.com/context-rot).

19Subagent workflows help by moving noisy work off the main thread:

21- Keep the **main agent** focused on requirements, decisions, and final outputs.

22- Run specialized **subagents** in parallel for exploration, tests, or log analysis.

23- Return **summaries** from subagents instead of raw intermediate output.

25They can also save time when the work can run independently in parallel, and

26they make larger-shaped tasks more tractable by breaking them into bounded

27pieces. For example, Codex can split analysis of a multi-million-token

28document into smaller problems and return distilled takeaways to the main

29thread.

31As a starting point, use parallel agents for read-heavy tasks such as

32exploration, tests, triage, and summarization. Be more careful with parallel

33write-heavy workflows, because agents editing code at once can create

34conflicts and increase coordination overhead.

36## Core terms

38Codex uses a few related terms in subagent workflows:

40- **Subagent workflow**: A workflow where Codex runs parallel agents and combines their results.

41- **Subagent**: A delegated agent that Codex starts to handle a specific task.

42- **Agent thread**: The CLI thread for an agent, which you can inspect and switch between with `/agent`.

44## Triggering subagent workflows

46Codex doesn't spawn subagents automatically, and it should only use subagents when you

47explicitly ask for subagents or parallel agent work.

49In practice, manual triggering means using direct instructions such as

50"spawn two agents," "delegate this work in parallel," or "use one agent per

51point." Subagent workflows consume more tokens than comparable single-agent runs

52because each subagent does its own model and tool work.

54A good subagent prompt should explain how to divide the work, whether Codex

55should wait for all agents before continuing, and what summary or output to

56return.

58```text

59Review this branch with parallel subagents. Spawn one subagent for security risks, one for test gaps, and one for maintainability. Wait for all three, then summarize the findings by category with file references.

60```

62## Choosing models and reasoning

64Different agents need different model and reasoning settings.

66If you don't pin a model or `model_reasoning_effort`, Codex can choose a setup

67that balances intelligence, speed, and price for the task. It may favor

68`gpt-5.4-mini` for fast scans or a higher-effort `gpt-5.4`

69configuration for more demanding reasoning. When you want finer control, steer that

70choice in your prompt or set `model` and `model_reasoning_effort` directly in

71the agent file.

73For most tasks in Codex, start with `gpt-5.4`. Use `gpt-5.4-mini` when you

74want a faster, lower-cost option for lighter subagent work. If you have

75ChatGPT Pro and want near-instant text-only iteration, `gpt-5.3-codex-spark`

76remains available in research preview.

78### Model choice

80- **`gpt-5.4`**: Start here for most agents. It combines strong coding, reasoning, tool use, and broader workflows. The main agent and agents that coordinate ambiguous or multi-step work fit here.

81- **`gpt-5.4-mini`**: Use for agents that favor speed and efficiency over depth, such as exploration, read-heavy scans, large-file review, or processing supporting documents. It works well for parallel workers that return distilled results to the main agent.

82- **`gpt-5.3-codex-spark`**: If you have ChatGPT Pro, use this research preview model for near-instant, text-only iteration when latency matters more than broader capability.

84### Reasoning effort (`model_reasoning_effort`)

86- **`high`**: Use when an agent needs to trace complex logic, check assumptions, or work through edge cases (for example, reviewer or security-focused agents).

87- **`medium`**: A balanced default for most agents.

88- **`low`**: Use when the task is straightforward and speed matters most.

90Higher reasoning effort increases response time and token usage, but it can improve quality for complex work. For details, see [Models](https://developers.openai.com/codex/models), [Config basics](https://developers.openai.com/codex/config-basic), and [Configuration Reference](https://developers.openai.com/codex/config-reference).

config-advanced.md +37 −9

Details

2 2

3Use these options when you need more control over providers, policies, and integrations. For a quick start, see [Config basics](https://developers.openai.com/codex/config-basic).3Use these options when you need more control over providers, policies, and integrations. For a quick start, see [Config basics](https://developers.openai.com/codex/config-basic).

4 4

5For background on project guidance, reusable capabilities, custom slash commands, multi-agent workflows, and integrations, see [Customization](https://developers.openai.com/codex/concepts/customization). For configuration keys, see [Configuration Reference](https://developers.openai.com/codex/config-reference).5For background on project guidance, reusable capabilities, custom slash commands, subagent workflows, and integrations, see [Customization](https://developers.openai.com/codex/concepts/customization). For configuration keys, see [Configuration Reference](https://developers.openai.com/codex/config-reference).

6 6

7## Profiles7## Profiles

8 8

74 74

75For shared defaults, rules, and skills checked into repos or system paths, see [Team Config](https://developers.openai.com/codex/enterprise/admin-setup#team-config).75For shared defaults, rules, and skills checked into repos or system paths, see [Team Config](https://developers.openai.com/codex/enterprise/admin-setup#team-config).

76 76

77If you just need to point the built-in OpenAI provider at an LLM proxy, router, or data-residency enabled project, set environment variable `OPENAI_BASE_URL` instead of defining a new provider. This overrides the default OpenAI endpoint without a `config.toml` change.77If you just need to point the built-in OpenAI provider at an LLM proxy, router, or data-residency enabled project, set `openai_base_url` in `config.toml` instead of defining a new provider. This changes the base URL for the built-in `openai` provider without requiring a separate `model_providers.<id>` entry.

78 78

79```toml79```toml

~~80export OPENAI_BASE_URL="https://api.openai.com/v1"~~80openai_base_url = "https://us.api.openai.com/v1"

~~81codex~~

82```81```

83 82

84## Project config files (`.codex/config.toml`)83## Project config files (`.codex/config.toml`)

87 86

88For security, Codex loads project-scoped config files only when the project is trusted. If the project is untrusted, Codex ignores `.codex/config.toml` files in the project.87For security, Codex loads project-scoped config files only when the project is trusted. If the project is untrusted, Codex ignores `.codex/config.toml` files in the project.

89 88

~~90Relative paths inside a project config (for example, `experimental_instructions_file`) are resolved relative to the `.codex/` folder that contains the `config.toml`.~~89Relative paths inside a project config (for example, `model_instructions_file`) are resolved relative to the `.codex/` folder that contains the `config.toml`.

91## Hooks (experimental)

93Codex can also load lifecycle hooks from `hooks.json` files that sit next to

94active config layers.

96In practice, the two most useful locations are:

98- `~/.codex/hooks.json`

99- `<repo>/.codex/hooks.json`

100

101Turn hooks on with:

102

103```toml

104[features]

105codex_hooks = true

106```

107

108For the current event list, input fields, output behavior, and limitations, see

109[Hooks](https://developers.openai.com/codex/hooks).

91 110

92## Agent roles (`[agents]` in `config.toml`)111## Agent roles (`[agents]` in `config.toml`)

93 112

~~94For multi-agent role configuration (`[agents]` in `config.toml`), see [Multi-agents](https://developers.openai.com/codex/multi-agent).~~113For subagent role configuration (`[agents]` in `config.toml`), see [Subagents](https://developers.openai.com/codex/subagents).

95 114

96## Project root detection115## Project root detection

97 116

190 209

191Pick approval strictness (affects when Codex pauses) and sandbox level (affects file/network access).210Pick approval strictness (affects when Codex pauses) and sandbox level (affects file/network access).

192 211

193For operational details that are easy to miss while editing `config.toml`, see [Common sandbox and approval combinations](https://developers.openai.com/codex/agent-approvals-security#common-sandbox-and-approval-combinations), [Protected paths in writable roots](https://developers.openai.com/codex/agent-approvals-security#protected-paths-in-writable-roots), and [Network access](https://developers.openai.com/codex/agent-approvals-security#network-access).212For operational details to keep in mind while editing `config.toml`, see [Common sandbox and approval combinations](https://developers.openai.com/codex/agent-approvals-security#common-sandbox-and-approval-combinations), [Protected paths in writable roots](https://developers.openai.com/codex/agent-approvals-security#protected-paths-in-writable-roots), and [Network access](https://developers.openai.com/codex/agent-approvals-security#network-access).

194 213

195You can also use a granular reject policy (`approval_policy = { reject = { ... } }`) to auto-reject only selected prompt categories, such as sandbox approvals, `execpolicy` rule prompts, or MCP input requests (`mcp_elicitations`), while keeping other prompts interactive.214You can also use a granular approval policy (`approval_policy = { granular = { ... } }`) to allow or auto-reject individual prompt categories. This is useful when you want normal interactive approvals for some cases but want others, such as `request_permissions` or skill-script prompts, to fail closed automatically.

196 215

197```216```

198approval_policy = "untrusted" # Other options: on-request, never, or { reject = { ... } }217approval_policy = "untrusted" # Other options: on-request, never, or { granular = { ... } }

199sandbox_mode = "workspace-write"218sandbox_mode = "workspace-write"

200allow_login_shell = false # Optional hardening: disallow login shells for shell tools219allow_login_shell = false # Optional hardening: disallow login shells for shell tools

201 220

221# Example granular approval policy:

222# approval_policy = { granular = {

223# sandbox_approval = true,

224# rules = true,

225# mcp_elicitations = true,

226# request_permissions = false,

227# skill_approval = false

228# } }

229

202[sandbox_workspace_write]230[sandbox_workspace_write]

203exclude_tmpdir_env_var = false # Allow $TMPDIR231exclude_tmpdir_env_var = false # Allow $TMPDIR

204exclude_slash_tmp = false # Allow /tmp232exclude_slash_tmp = false # Allow /tmp

config-basic.md +11 −13

Details

148| Key | Default | Maturity | Description |148| Key | Default | Maturity | Description |

149| -------------------- | :-------------------: | ------------ | ---------------------------------------------------------------------------------------- |149| -------------------- | :-------------------: | ------------ | ---------------------------------------------------------------------------------------- |

167 163

168The Maturity column uses feature maturity labels such as Experimental, Beta,164The Maturity column uses feature maturity labels such as Experimental, Beta,

169 and Stable. See [Feature Maturity](https://developers.openai.com/codex/feature-maturity) for how to165 and Stable. See [Feature Maturity](https://developers.openai.com/codex/feature-maturity) for how to

171 167

172Omit feature keys to keep their defaults.168Omit feature keys to keep their defaults.

173 169

170For the current lifecycle hooks MVP, see [Hooks](https://developers.openai.com/codex/hooks).

171

174### Enabling features172### Enabling features

175 173

176- In `config.toml`, add `feature_name = true` under `[features]`.174- In `config.toml`, add `feature_name = true` under `[features]`.

config-reference.md +149 −305

Details

19| `allow_login_shell` | `boolean` | Allow shell-based tools to use login-shell semantics. Defaults to `true`; when `false`, `login = true` requests are rejected and omitted `login` defaults to non-login shells. |19| `allow_login_shell` | `boolean` | Allow shell-based tools to use login-shell semantics. Defaults to `true`; when `false`, `login = true` requests are rejected and omitted `login` defaults to non-login shells. |

21| `approval_policy` | `untrusted | on-request | never | { reject = { sandbox_approval = bool, rules = bool, mcp_elicitations = bool } }` | Controls when Codex pauses for approval before executing commands. You can also use `approval_policy = { reject = { ... } }` to auto-reject specific prompt categories while keeping other prompts interactive. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs. |21| `approval_policy` | `untrusted | on-request | never | { granular = { sandbox_approval = bool, rules = bool, mcp_elicitations = bool, request_permissions = bool, skill_approval = bool } }` | Controls when Codex pauses for approval before executing commands. You can also use `approval_policy = { granular = { ... } }` to allow or auto-reject specific prompt categories while keeping other prompts interactive. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs. |

25| `approval_policy.granular.sandbox_approval` | `boolean` | When `true`, sandbox escalation approval prompts are allowed to surface. |

26| `approval_policy.granular.skill_approval` | `boolean` | When `true`, skill-script approval prompts are allowed to surface. |

43| `default_permissions` | `string` | Name of the default permissions profile to apply to sandboxed tool calls. |

~~47| `features.artifact` | `boolean` | Enable native artifact tools such as slides and spreadsheets (under development). |~~

~~48| `features.child_agents_md` | `boolean` | Append AGENTS.md scope/precedence guidance even when no AGENTS.md is present (experimental). |~~

~~49| `features.collaboration_modes` | `boolean` | Legacy toggle for collaboration modes. Plan and default modes are available in current builds without setting this key. |~~

~~50| `features.default_mode_request_user_input` | `boolean` | Allow `request_user_input` in default collaboration mode (under development; off by default). |~~

~~51| `features.elevated_windows_sandbox` | `boolean` | Legacy toggle for an earlier elevated Windows sandbox rollout. Current builds do not use it. |~~

~~53| `features.experimental_windows_sandbox` | `boolean` | Legacy toggle for an earlier Windows sandbox rollout. Current builds do not use it. |~~

~~56| `features.image_generation` | `boolean` | Enable the built-in image generation tool (under development). |~~

57| `features.multi_agent` | `boolean` | Enable multi-agent collaboration tools (`spawn_agent`, `send_input`, `resume_agent`, `wait`, `close_agent`, and `spawn_agents_on_csv`) (experimental; off by default). |

~~59| `features.powershell_utf8` | `boolean` | Force PowerShell UTF-8 output. Enabled by default on Windows and off elsewhere. |~~

~~61| `features.remote_models` | `boolean` | Legacy toggle for an older remote-model readiness flow. Current builds do not use it. |~~

~~62| `features.request_rule` | `boolean` | Legacy toggle for Smart approvals. Current builds include this behavior by default, so most users can leave this unset. |~~

~~63| `features.responses_websockets` | `boolean` | Prefer the Responses API WebSocket transport for supported providers (under development). |~~

~~64| `features.responses_websockets_v2` | `boolean` | Enable Responses API WebSocket v2 mode (under development). |~~

~~65| `features.runtime_metrics` | `boolean` | Show runtime metrics summary in TUI turn separators (experimental). |~~

~~66| `features.search_tool` | `boolean` | Legacy toggle for an older Apps discovery flow. Current builds do not use it. |~~

~~69| `features.skill_env_var_dependency_prompt` | `boolean` | Prompt for missing skill environment-variable dependencies (under development). |~~

~~72| `features.steer` | `boolean` | Legacy toggle from an earlier Enter/Tab steering rollout. Current builds always use the current steering behavior. |~~

~~75| `features.use_linux_sandbox_bwrap` | `boolean` | Use the bubblewrap-based Linux sandbox pipeline (experimental; off by default). |~~

125| `openai_base_url` | `string` | Base URL override for the built-in `openai` model provider. |

159| `permissions.<name>.network.socks_url` | `string` | SOCKS5 proxy endpoint used by this permissions profile. |

213| `tools.web_search` | `boolean` | Deprecated legacy toggle for web search; prefer the top-level `web_search` setting. |200| `tools.web_search` | `boolean | { context_size = "low|medium|high", allowed_domains = [string], location = { country, region, city, timezone } }` | Optional web search tool configuration. The legacy boolean form is still accepted, but the object form lets you set search context size, allowed domains, and approximate user location. |

214| `tui` | `table` | TUI-specific options such as enabling inline desktop notifications. |201| `tui` | `table` | TUI-specific options such as enabling inline desktop notifications. |

223| `web_search` | `disabled | cached | live` | Web search mode (default: `"cached"`; cached uses an OpenAI-maintained index and does not fetch live pages; if you use `--yolo` or another full access sandbox setting, it defaults to `"live"`). Use `"live"` to fetch the most recent data from the web, or `"disabled"` to remove the tool. |210| `web_search` | `disabled | cached | live` | Web search mode (default: `"cached"`; cached uses an OpenAI-maintained index and does not fetch live pages; if you use `--yolo` or another full access sandbox setting, it defaults to `"live"`). Use `"live"` to fetch the most recent data from the web, or `"disabled"` to remove the tool. |

213| `windows.sandbox_private_desktop` | `boolean` | Run the final sandboxed child process on a private desktop by default on native Windows. Set `false` only for compatibility with the older `Winsta0\\Default` behavior. |

226 214

227Key215Key

228 216

326 314

327Type / Values315Type / Values

328 316

329`untrusted | on-request | never | { reject = { sandbox_approval = bool, rules = bool, mcp_elicitations = bool } }`317`untrusted | on-request | never | { granular = { sandbox_approval = bool, rules = bool, mcp_elicitations = bool, request_permissions = bool, skill_approval = bool } }`

330 318

331Details319Details

332 320

333Controls when Codex pauses for approval before executing commands. You can also use `approval_policy = { reject = { ... } }` to auto-reject specific prompt categories while keeping other prompts interactive. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs.321Controls when Codex pauses for approval before executing commands. You can also use `approval_policy = { granular = { ... } }` to allow or auto-reject specific prompt categories while keeping other prompts interactive. `on-failure` is deprecated; use `on-request` for interactive runs or `never` for non-interactive runs.

334 322

335Key323Key

336 324

337`approval_policy.reject.mcp_elicitations`325`approval_policy.granular.mcp_elicitations`

338 326

339Type / Values327Type / Values

340 328

342 330

343Details331Details

344 332

345When `true`, MCP elicitation prompts are auto-rejected instead of shown to the user.333When `true`, MCP elicitation prompts are allowed to surface instead of being auto-rejected.

346 334

347Key335Key

348 336

349`approval_policy.reject.rules`337`approval_policy.granular.request_permissions`

350 338

351Type / Values339Type / Values

352 340

354 342

355Details343Details

356 344

357When `true`, approvals triggered by execpolicy `prompt` rules are auto-rejected.345When `true`, prompts from the `request_permissions` tool are allowed to surface.

358 346

359Key347Key

360 348

361`approval_policy.reject.sandbox_approval`349`approval_policy.granular.rules`

362 350

363Type / Values351Type / Values

364 352

366 354

367Details355Details

368 356

369When `true`, sandbox escalation approval prompts are auto-rejected.357When `true`, approvals triggered by execpolicy `prompt` rules are allowed to surface.

358

359Key

360

361`approval_policy.granular.sandbox_approval`

362

363Type / Values

364

365`boolean`

366

367Details

368

369When `true`, sandbox escalation approval prompts are allowed to surface.

370

371Key

372

373`approval_policy.granular.skill_approval`

374

375Type / Values

376

377`boolean`

378

379Details

380

381When `true`, skill-script approval prompts are allowed to surface.

370 382

371Key383Key

372 384

562 574

563Key575Key

564 576

577`default_permissions`

578

579Type / Values

580

581`string`

582

583Details

584

585Name of the default permissions profile to apply to sandboxed tool calls.

586

587Key

588

565`developer_instructions`589`developer_instructions`

566 590

567Type / Values591Type / Values

622 646

623Key647Key

624 648

625`features.apps_mcp_gateway`649`features.codex_hooks`

~~626~~

627Type / Values

~~628~~

629`boolean`

~~630~~

631Details

~~632~~

633Route Apps MCP calls through the OpenAI connectors MCP gateway (`https://api.openai.com/v1/connectors/mcp/`) instead of legacy routing (experimental).

~~634~~

635Key

~~636~~

637`features.artifact`

~~638~~

639Type / Values

~~640~~

641`boolean`

~~642~~

643Details

~~644~~

645Enable native artifact tools such as slides and spreadsheets (under development).

~~646~~

647Key

~~648~~

649`features.child_agents_md`

~~650~~

651Type / Values

~~652~~

653`boolean`

~~654~~

655Details

~~656~~

657Append AGENTS.md scope/precedence guidance even when no AGENTS.md is present (experimental).

~~658~~

659Key

~~660~~

661`features.collaboration_modes`

~~662~~

663Type / Values

~~664~~

665`boolean`

~~666~~

667Details

~~668~~

669Legacy toggle for collaboration modes. Plan and default modes are available in current builds without setting this key.

~~670~~

671Key

~~672~~

673`features.default_mode_request_user_input`

~~674~~

675Type / Values

~~676~~

677`boolean`

~~678~~

679Details

~~680~~

681Allow `request_user_input` in default collaboration mode (under development; off by default).

~~682~~

683Key

~~684~~

685`features.elevated_windows_sandbox`

686 650

687Type / Values651Type / Values

688 652

690 654

691Details655Details

692 656

693Legacy toggle for an earlier elevated Windows sandbox rollout. Current builds do not use it.657Enable lifecycle hooks loaded from `hooks.json` (under development; off by default).

694 658

695Key659Key

696 660

706 670

707Key671Key

708 672

709`features.experimental_windows_sandbox`

~~710~~

711Type / Values

~~712~~

713`boolean`

~~714~~

715Details

~~716~~

717Legacy toggle for an earlier Windows sandbox rollout. Current builds do not use it.

~~718~~

719Key

~~720~~

721`features.fast_mode`673`features.fast_mode`

722 674

723Type / Values675Type / Values

730 682

731Key683Key

732 684

733`features.image_detail_original`

~~734~~

735Type / Values

~~736~~

737`boolean`

~~738~~

739Details

~~740~~

741Allow image outputs with `detail = "original"` on supported models (under development).

~~742~~

743Key

~~744~~

745`features.image_generation`

~~746~~

747Type / Values

~~748~~

749`boolean`

~~750~~

751Details

~~752~~

753Enable the built-in image generation tool (under development).

~~754~~

755Key

~~756~~

757`features.multi_agent`685`features.multi_agent`

758 686

759Type / Values687Type / Values

762 690

763Details691Details

764 692

765Enable multi-agent collaboration tools (`spawn_agent`, `send_input`, `resume_agent`, `wait`, `close_agent`, and `spawn_agents_on_csv`) (experimental; off by default).693Enable multi-agent collaboration tools (`spawn_agent`, `send_input`, `resume_agent`, `wait_agent`, and `close_agent`) (stable; on by default).

766 694

767Key695Key

768 696

778 706

779Key707Key

780 708

781`features.powershell_utf8`

~~782~~

783Type / Values

~~784~~

785`boolean`

~~786~~

787Details

~~788~~

789Force PowerShell UTF-8 output. Enabled by default on Windows and off elsewhere.

~~790~~

791Key

~~792~~

793`features.prevent_idle_sleep`709`features.prevent_idle_sleep`

794 710

795Type / Values711Type / Values

802 718

803Key719Key

804 720

805`features.remote_models`

~~806~~

807Type / Values

~~808~~

809`boolean`

~~810~~

811Details

~~812~~

813Legacy toggle for an older remote-model readiness flow. Current builds do not use it.

~~814~~

815Key

~~816~~

817`features.request_rule`

~~818~~

819Type / Values

~~820~~

821`boolean`

~~822~~

823Details

~~824~~

825Legacy toggle for Smart approvals. Current builds include this behavior by default, so most users can leave this unset.

~~826~~

827Key

~~828~~

829`features.responses_websockets`

~~830~~

831Type / Values

~~832~~

833`boolean`

~~834~~

835Details

~~836~~

837Prefer the Responses API WebSocket transport for supported providers (under development).

~~838~~

839Key

~~840~~

841`features.responses_websockets_v2`

~~842~~

843Type / Values

~~844~~

845`boolean`

~~846~~

847Details

~~848~~

849Enable Responses API WebSocket v2 mode (under development).

~~850~~

851Key

~~852~~

853`features.runtime_metrics`

~~854~~

855Type / Values

~~856~~

857`boolean`

~~858~~

859Details

~~860~~

861Show runtime metrics summary in TUI turn separators (experimental).

~~862~~

863Key

~~864~~

865`features.search_tool`

~~866~~

867Type / Values

~~868~~

869`boolean`

~~870~~

871Details

~~872~~

873Legacy toggle for an older Apps discovery flow. Current builds do not use it.

~~874~~

875Key

~~876~~

877`features.shell_snapshot`721`features.shell_snapshot`

878 722

879Type / Values723Type / Values

898 742

899Key743Key

900 744

901`features.skill_env_var_dependency_prompt`

~~902~~

903Type / Values

~~904~~

905`boolean`

~~906~~

907Details

~~908~~

909Prompt for missing skill environment-variable dependencies (under development).

~~910~~

911Key

~~912~~

913`features.skill_mcp_dependency_install`745`features.skill_mcp_dependency_install`

914 746

915Type / Values747Type / Values

922 754

923Key755Key

924 756

925`features.sqlite`757`features.smart_approvals`

926 758

927Type / Values759Type / Values

928 760

930 762

931Details763Details

932 764

933Enable SQLite-backed state persistence (stable; on by default).765Route eligible approval requests through the guardian reviewer subagent (experimental; off by default).

~~934~~

935Key

~~936~~

937`features.steer`

~~938~~

939Type / Values

~~940~~

941`boolean`

~~942~~

943Details

~~944~~

945Legacy toggle from an earlier Enter/Tab steering rollout. Current builds always use the current steering behavior.

946 766

947Key767Key

948 768

970 790

971Key791Key

972 792

973`features.use_linux_sandbox_bwrap`

~~974~~

975Type / Values

~~976~~

977`boolean`

~~978~~

979Details

~~980~~

981Use the bubblewrap-based Linux sandbox pipeline (experimental; off by default).

~~982~~

983Key

~~984~~

985`features.web_search`793`features.web_search`

986 794

987Type / Values795Type / Values

1750 1558

1751Key1559Key

1752 1560

1561`openai_base_url`

1562

1563Type / Values

1564

1565`string`

1566

1567Details

1568

1569Base URL override for the built-in `openai` model provider.

1570

1571Key

1572

1753`oss_provider`1573`oss_provider`

1754 1574

1755Type / Values1575Type / Values

1966 1786

1967Key1787Key

1968 1788

1969`permissions.network.admin_url`1789`permissions.<name>.filesystem`

1970 1790

1971Type / Values1791Type / Values

1972 1792

1973`string`1793`table`

1974 1794

1975Details1795Details

1976 1796

1977Admin endpoint for the managed network proxy.1797Named filesystem permission profile. Each key is an absolute path or special token such as `:minimal` or `:project_roots`.

1978 1798

1979Key1799Key

1980 1800

1981`permissions.network.allow_local_binding`1801`permissions.<name>.filesystem.":project_roots".<subpath>`

1982 1802

1983Type / Values1803Type / Values

1984 1804

1985`boolean`1805`"read" | "write" | "none"`

1986 1806

1987Details1807Details

1988 1808

1989Permit local bind/listen operations through the managed proxy.1809Scoped filesystem access relative to the detected project roots. Use `"."` for the root itself.

1990 1810

1991Key1811Key

1992 1812

1993`permissions.network.allow_unix_sockets`1813`permissions.<name>.filesystem.<path>`

1994 1814

1995Type / Values1815Type / Values

1996 1816

1997`array<string>`1817`"read" | "write" | "none" | table`

1998 1818

1999Details1819Details

2000 1820

2001Allowlist of Unix socket paths permitted through the managed proxy.1821Grant direct access for a path or special token, or scope nested entries under that root.

2002 1822

2003Key1823Key

2004 1824

2005`permissions.network.allow_upstream_proxy`1825`permissions.<name>.network.allow_local_binding`

2006 1826

2007Type / Values1827Type / Values

2008 1828

2010 1830

2011Details1831Details

2012 1832

2013Allow the managed proxy to chain to another upstream proxy.1833Permit local bind/listen operations through the managed proxy.

2014 1834

2015Key1835Key

2016 1836

2017`permissions.network.allowed_domains`1837`permissions.<name>.network.allow_unix_sockets`

2018 1838

2019Type / Values1839Type / Values

2020 1840

2022 1842

2023Details1843Details

2024 1844

2025Allowlist of domains permitted through the managed proxy.1845Allowlist of Unix socket paths permitted through the managed proxy.

2026 1846

2027Key1847Key

2028 1848

2029`permissions.network.dangerously_allow_all_unix_sockets`1849`permissions.<name>.network.allow_upstream_proxy`

2030 1850

2031Type / Values1851Type / Values

2032 1852

2034 1854

2035Details1855Details

2036 1856

2037Allow the proxy to use arbitrary Unix sockets instead of the default restricted set.1857Allow the managed proxy to chain to another upstream proxy.

2038 1858

2039Key1859Key

2040 1860

2041`permissions.network.dangerously_allow_non_loopback_admin`1861`permissions.<name>.network.allowed_domains`

1862

1863Type / Values

1864

1865`array<string>`

1866

1867Details

1868

1869Allowlist of domains permitted through the managed proxy.

1870

1871Key

1872

1873`permissions.<name>.network.dangerously_allow_all_unix_sockets`

2042 1874

2043Type / Values1875Type / Values

2044 1876

2046 1878

2047Details1879Details

2048 1880

2049Permit non-loopback bind addresses for the managed proxy admin listener.1881Allow the proxy to use arbitrary Unix sockets instead of the default restricted set.

2050 1882

2051Key1883Key

2052 1884

2053`permissions.network.dangerously_allow_non_loopback_proxy`1885`permissions.<name>.network.dangerously_allow_non_loopback_proxy`

2054 1886

2055Type / Values1887Type / Values

2056 1888

2062 1894

2063Key1895Key

2064 1896

2065`permissions.network.denied_domains`1897`permissions.<name>.network.denied_domains`

2066 1898

2067Type / Values1899Type / Values

2068 1900

2074 1906

2075Key1907Key

2076 1908

2077`permissions.network.enable_socks5`1909`permissions.<name>.network.enable_socks5`

2078 1910

2079Type / Values1911Type / Values

2080 1912

2082 1914

2083Details1915Details

2084 1916

2085Expose a SOCKS5 listener from the managed network proxy.1917Expose a SOCKS5 listener when this permissions profile enables the managed network proxy.

2086 1918

2087Key1919Key

2088 1920

2089`permissions.network.enable_socks5_udp`1921`permissions.<name>.network.enable_socks5_udp`

2090 1922

2091Type / Values1923Type / Values

2092 1924

2098 1930

2099Key1931Key

2100 1932

2101`permissions.network.enabled`1933`permissions.<name>.network.enabled`

2102 1934

2103Type / Values1935Type / Values

2104 1936

2106 1938

2107Details1939Details

2108 1940

2109Enable the managed network proxy configuration for subprocesses.1941Enable network access for this named permissions profile.

2110 1942

2111Key1943Key

2112 1944

2113`permissions.network.mode`1945`permissions.<name>.network.mode`

2114 1946

2115Type / Values1947Type / Values

2116 1948

2122 1954

2123Key1955Key

2124 1956

2125`permissions.network.proxy_url`1957`permissions.<name>.network.proxy_url`

2126 1958

2127Type / Values1959Type / Values

2128 1960

2130 1962

2131Details1963Details

2132 1964

2133HTTP proxy endpoint used by the managed network proxy.1965HTTP proxy endpoint used when this permissions profile enables the managed network proxy.

2134 1966

2135Key1967Key

2136 1968

2137`permissions.network.socks_url`1969`permissions.<name>.network.socks_url`

2138 1970

2139Type / Values1971Type / Values

2140 1972

2142 1974

2143Details1975Details

2144 1976

2145SOCKS5 proxy endpoint used by the managed network proxy.1977SOCKS5 proxy endpoint used by this permissions profile.

2146 1978

2147Key1979Key

2148 1980

2454 2286

2455Details2287Details

2456 2288

2457Preferred service tier for new turns. `fast` is honored only when the `features.fast_mode` gate is enabled.2289Preferred service tier for new turns.

2458 2290

2459Key2291Key

2460 2292

2630 2462

2631Type / Values2463Type / Values

2632 2464

2633`boolean`2465`boolean | { context_size = "low|medium|high", allowed_domains = [string], location = { country, region, city, timezone } }`

2634 2466

2635Details2467Details

2636 2468

2637Deprecated legacy toggle for web search; prefer the top-level `web_search` setting.2469Optional web search tool configuration. The legacy boolean form is still accepted, but the object form lets you set search context size, allowed domains, and approximate user location.

2638 2470

2639Key2471Key

2640 2472

2780 2612

2781Windows-only native sandbox mode when running Codex natively on Windows.2613Windows-only native sandbox mode when running Codex natively on Windows.

2782 2614

2615Key

2616

2617`windows.sandbox_private_desktop`

2618

2619Type / Values

2620

2621`boolean`

2622

2623Details

2624

2625Run the final sandboxed child process on a private desktop by default on native Windows. Set `false` only for compatibility with the older `Winsta0\\Default` behavior.

2626

2783Expand to view all2627Expand to view all

2784 2628

2785You can find the latest JSON schema for `config.toml` [here](https://developers.openai.com/codex/config-schema.json).2629You can find the latest JSON schema for `config.toml` [here](https://developers.openai.com/codex/config-schema.json).

2804 2648

2805| Key | Type / Values | Details |2649| Key | Type / Values | Details |

2806| --- | --- | --- |2650| --- | --- | --- |

2809| `allowed_web_search_modes` | `array<string>` | Allowed values for `web_search` (`disabled`, `cached`, `live`). `disabled` is always allowed; an empty list effectively allows only `disabled`. |2653| `allowed_web_search_modes` | `array<string>` | Allowed values for `web_search` (`disabled`, `cached`, `live`). `disabled` is always allowed; an empty list effectively allows only `disabled`. |

2831 2675

2832Details2676Details

2833 2677

2834Allowed values for `approval_policy` (for example `untrusted`, `on-request`, `never`, and `reject`).2678Allowed values for `approval_policy` (for example `untrusted`, `on-request`, `never`, and `granular`).

2835 2679

2836Key2680Key

2837 2681

config-sample.md +17 −19

Details

107# - untrusted: only known-safe read-only commands auto-run; others prompt107# - untrusted: only known-safe read-only commands auto-run; others prompt

108# - on-request: model decides when to ask (default)108# - on-request: model decides when to ask (default)

109# - never: never prompt (risky)109# - never: never prompt (risky)

110# - { reject = { ... } }: auto-reject selected prompt categories110# - { granular = { ... } }: allow or auto-reject selected prompt categories

111approval_policy = "on-request"111approval_policy = "on-request"

112# Example granular auto-reject policy:112# Example granular policy:

113# approval_policy = { reject = { sandbox_approval = true, rules = false, mcp_elicitations = false } }113# approval_policy = { granular = {

114# sandbox_approval = true,

115# rules = true,

116# mcp_elicitations = true,

117# request_permissions = false,

118# skill_approval = false

119# } }

114 120

115# Allow login-shell semantics for shell-based tools when they request `login = true`.121# Allow login-shell semantics for shell-based tools when they request `login = true`.

116# Default: true. Set false to force non-login shells and reject explicit login-shell requests.122# Default: true. Set false to force non-login shells and reject explicit login-shell requests.

132# Base URL for ChatGPT auth flow (not OpenAI API).138# Base URL for ChatGPT auth flow (not OpenAI API).

133chatgpt_base_url = "https://chatgpt.com/backend-api/"139chatgpt_base_url = "https://chatgpt.com/backend-api/"

134 140

141# Optional base URL override for the built-in OpenAI provider.

142# openai_base_url = "https://us.api.openai.com/v1"

143

135# Restrict ChatGPT login to a specific workspace id. Default: unset.144# Restrict ChatGPT login to a specific workspace id. Default: unset.

136# forced_chatgpt_workspace_id = "00000000-0000-0000-0000-000000000000"145# forced_chatgpt_workspace_id = "00000000-0000-0000-0000-000000000000"

137 146

351# Leave this table empty to accept defaults. Set explicit booleans to opt in/out.360# Leave this table empty to accept defaults. Set explicit booleans to opt in/out.

352# shell_tool = true361# shell_tool = true

353# apps = false362# apps = false

354# apps_mcp_gateway = false363# codex_hooks = false

355# unified_exec = false364# unified_exec = true

356# shell_snapshot = false365# shell_snapshot = true

357# multi_agent = false366# multi_agent = true

358# personality = true367# personality = true

359# use_linux_sandbox_bwrap = false

360# runtime_metrics = true

361# powershell_utf8 = true

362# child_agents_md = false

363# sqlite = true

364# fast_mode = true368# fast_mode = true

369# smart_approvals = false

365# enable_request_compression = true370# enable_request_compression = true

366# image_generation = false

367# skill_mcp_dependency_install = true371# skill_mcp_dependency_install = true

368# skill_env_var_dependency_prompt = false

369# default_mode_request_user_input = false

370# artifact = false

371# prevent_idle_sleep = false372# prevent_idle_sleep = false

372# responses_websockets = false

373# responses_websockets_v2 = false

374# image_detail_original = false

375 373

376################################################################################374################################################################################

377# Define MCP servers under this table. Leave empty to disable.375# Define MCP servers under this table. Leave empty to disable.

enterprise/admin-setup.md +1 −0

Details

18- Audit logging via the ChatGPT Compliance API18- Audit logging via the ChatGPT Compliance API

19 19

20For security controls and runtime protections, see [Agent approvals & security](https://developers.openai.com/codex/agent-approvals-security). Refer to [Zero Data Retention (ZDR)](https://platform.openai.com/docs/guides/your-data#zero-data-retention) for more details.20For security controls and runtime protections, see [Agent approvals & security](https://developers.openai.com/codex/agent-approvals-security). Refer to [Zero Data Retention (ZDR)](https://platform.openai.com/docs/guides/your-data#zero-data-retention) for more details.

21For a broader enterprise security overview, see the [Codex security white paper](https://trust.openai.com/?itemUid=382f924d-54f3-43a8-a9df-c39e6c959958&source=click).

21 22

22## Pre-requisites: Determine owners and rollout strategy23## Pre-requisites: Determine owners and rollout strategy

23 24

hooks.md +398 −0 added

Details

1# Hooks

3Experimental. Hooks are under active development. Windows support temporarily

4disabled.

6Hooks are an extensibility framework for Codex. They allow

7you to inject your own scripts into the agentic loop, enabling features such as:

9- Send the conversation to a custom logging/analytics engine

10- Scan your team's prompts to block accidentally pasting API keys

11- Summarize conversations to create persistent memories automatically

12- Run a custom validator when a conversation turn stops, enforcing standards

13- Customize prompting when in a certain directory

15Hooks are behind a feature flag in `config.toml`:

17```toml

18[features]

19codex_hooks = true

20```

22Runtime behavior to keep in mind:

24- Matching hooks from multiple files all run.

25- Multiple matching command hooks for the same event are launched concurrently,

26 so one hook cannot prevent another matching hook from starting.

27- `PreToolUse`, `PostToolUse`, `UserPromptSubmit`, and `Stop` run at turn

28 scope.

29- Hooks are currently disabled on Windows.

31## Where Codex looks for hooks

33Codex discovers `hooks.json` next to active config layers.

35In practice, the two most useful locations are:

37- `~/.codex/hooks.json`

38- `<repo>/.codex/hooks.json`

40If more than one `hooks.json` file exists, Codex loads all matching hooks.

41Higher-precedence config layers do not replace lower-precedence hooks.

43## Config shape

45Hooks are organized in three levels:

47- A hook event such as `PreToolUse`, `PostToolUse`, or `Stop`

48- A matcher group that decides when that event matches

49- One or more hook handlers that run when the matcher group matches

51```json

52{

53 "hooks": {

54 "SessionStart": [

55 {

56 "matcher": "startup|resume",

57 "hooks": [

58 {

59 "type": "command",

60 "command": "python3 ~/.codex/hooks/session_start.py",

61 "statusMessage": "Loading session notes"

62 }

63 ]

64 }

65 ],

66 "PreToolUse": [

67 {

68 "matcher": "Bash",

69 "hooks": [

70 {

71 "type": "command",

72 "command": "/usr/bin/python3 \"$(git rev-parse --show-toplevel)/.codex/hooks/pre_tool_use_policy.py\"",

73 "statusMessage": "Checking Bash command"

74 }

75 ]

76 }

77 ],

78 "PostToolUse": [

79 {

80 "matcher": "Bash",

81 "hooks": [

82 {

83 "type": "command",

84 "command": "/usr/bin/python3 \"$(git rev-parse --show-toplevel)/.codex/hooks/post_tool_use_review.py\"",

85 "statusMessage": "Reviewing Bash output"

86 }

87 ]

88 }

89 ],

90 "UserPromptSubmit": [

91 {

92 "hooks": [

93 {

94 "type": "command",

95 "command": "/usr/bin/python3 \"$(git rev-parse --show-toplevel)/.codex/hooks/user_prompt_submit_data_flywheel.py\""

96 }

97 ]

98 }

99 ],

100 "Stop": [

101 {

102 "hooks": [

103 {

104 "type": "command",

105 "command": "/usr/bin/python3 \"$(git rev-parse --show-toplevel)/.codex/hooks/stop_continue.py\"",

106 "timeout": 30

107 }

108 ]

109 }

110 ]

111 }

112}

113```

114

115Notes:

116

117- `timeout` is in seconds.

118- `timeoutSec` is also accepted as an alias.

119- If `timeout` is omitted, Codex uses `600` seconds.

120- `statusMessage` is optional.

121- Commands run with the session `cwd` as their working directory.

122- For repo-local hooks, prefer resolving from the git root instead of using a

123 relative path such as `.codex/hooks/...`. Codex may be started from a

124 subdirectory, and a git-root-based path keeps the hook location stable.

125

126## Matcher patterns

127

128The `matcher` field is a regex string that filters when hooks fire. Use `"*"`,

129`""`, or omit `matcher` entirely to match every occurrence of a supported

130event.

131

132Only some current Codex events honor `matcher`:

133

134| Event | What `matcher` filters | Notes |

135| --- | --- | --- |

136| `PostToolUse` | tool name | Current Codex runtime only emits `Bash`. |

137| `PreToolUse` | tool name | Current Codex runtime only emits `Bash`. |

138| `SessionStart` | start source | Current runtime values are `startup` and `resume`. |

139| `UserPromptSubmit` | not supported | Any configured `matcher` is ignored for this event. |

140| `Stop` | not supported | Any configured `matcher` is ignored for this event. |

141

142Examples:

143

144- `Bash`

145- `startup|resume`

146- `Edit|Write`

147

148That last example is still a valid regex, but current Codex `PreToolUse` and

149`PostToolUse` events only emit `Bash`, so it will not match anything today.

150

151## Common input fields

152

153Every command hook receives one JSON object on `stdin`.

154

155These are the shared fields you will usually use:

156

157| Field | Type | Meaning |

158| --- | --- | --- |

159| `session_id` | `string` | Current session or thread id. |

161| `cwd` | `string` | Working directory for the session |

162| `hook_event_name` | `string` | Current hook event name |

163| `model` | `string` | Active model slug |

164

165Turn-scoped hooks list `turn_id` in their event-specific tables.

166

167If you need the full wire format, see [Schemas](#schemas).

168

169## Common output fields

170

171`SessionStart`, `UserPromptSubmit`, and `Stop` support these shared JSON

172fields:

173

174```json

175{

176 "continue": true,

177 "stopReason": "optional",

178 "systemMessage": "optional",

179 "suppressOutput": false

180}

181```

182

183| Field | Effect |

184| ---------------- | ----------------------------------------------- |

185| `continue` | If `false`, marks that hook run as stopped |

186| `stopReason` | Recorded as the reason for stopping |

187| `systemMessage` | Surfaced as a warning in the UI or event stream |

188| `suppressOutput` | Parsed today but not yet implemented |

189

190Exit `0` with no output is treated as success and Codex continues.

191

192`PreToolUse` supports `systemMessage`, but `continue`, `stopReason`, and

193`suppressOutput` are not currently supported for that event.

194

195`PostToolUse` supports `systemMessage`, `continue: false`, and `stopReason`.

196`suppressOutput` is parsed but not currently supported for that event.

197

198## Hooks

199

200### SessionStart

201

202`matcher` is applied to `source` for this event.

203

204Fields in addition to [Common input fields](#common-input-fields):

205

206| Field | Type | Meaning |

207| --- | --- | --- |

208| `source` | `string` | How the session started: `startup` or `resume` |

209

210Plain text on `stdout` is added as extra developer context.

211

212JSON on `stdout` supports [Common output fields](#common-output-fields) and this

213hook-specific shape:

214

215```json

216{

217 "hookSpecificOutput": {

218 "hookEventName": "SessionStart",

219 "additionalContext": "Load the workspace conventions before editing."

220 }

221}

222```

223

224That `additionalContext` text is added as extra developer context.

225

226### PreToolUse

227

228Currently `PreToolUse` only supports Bash tool interception. The model can

229still work around this by writing its own script to disk and then running that

230script with Bash, so treat this as a useful guardrail rather than a complete

231enforcement boundary.

232

233`matcher` is applied to `tool_name`, which currently always equals `Bash`.

234

235Fields in addition to [Common input fields](#common-input-fields):

236

237| Field | Type | Meaning |

238| --- | --- | --- |

239| `turn_id` | `string` | Codex-specific extension. Active Codex turn id |

240| `tool_name` | `string` | Currently always `Bash` |

241| `tool_use_id` | `string` | Tool-call id for this invocation |

242| `tool_input.command` | `string` | Shell command Codex is about to run |

243

244Plain text on `stdout` is ignored.

245

246JSON on `stdout` can use `systemMessage` and can block a Bash command with this

247hook-specific shape:

248

249```json

250{

251 "hookSpecificOutput": {

252 "hookEventName": "PreToolUse",

253 "permissionDecision": "deny",

254 "permissionDecisionReason": "Destructive command blocked by hook."

255 }

256}

257```

258

259Codex also accepts this older block shape:

260

261```json

262{

263 "decision": "block",

264 "reason": "Destructive command blocked by hook."

265}

266```

267

268You can also use exit code `2` and write the blocking reason to `stderr`.

269

270`permissionDecision: "allow"` and `"ask"`, legacy `decision: "approve"`,

271`updatedInput`, `additionalContext`, `continue: false`, `stopReason`, and

272`suppressOutput` are parsed but not supported yet, so they fail open.

273

274### PostToolUse

275

276Currently `PostToolUse` only supports Bash tool results. It is not limited to

277commands that exit successfully: non-interactive `exec_command` calls can still

278trigger `PostToolUse` when Codex emits a Bash post-tool payload. It cannot undo

279side effects from the command that already ran.

280

281`matcher` is applied to `tool_name`, which currently always equals `Bash`.

282

283Fields in addition to [Common input fields](#common-input-fields):

284

285| Field | Type | Meaning |

286| --- | --- | --- |

287| `turn_id` | `string` | Codex-specific extension. Active Codex turn id |

288| `tool_name` | `string` | Currently always `Bash` |

289| `tool_use_id` | `string` | Tool-call id for this invocation |

290| `tool_input.command` | `string` | Shell command Codex just ran |

291| `tool_response` | `JSON value` | Bash tool output payload. Today this is usually a JSON string |

292

293Plain text on `stdout` is ignored.

294

295JSON on `stdout` can use `systemMessage` and this hook-specific shape:

296

297```json

298{

299 "decision": "block",

300 "reason": "The Bash output needs review before continuing.",

301 "hookSpecificOutput": {

302 "hookEventName": "PostToolUse",

303 "additionalContext": "The command updated generated files."

304 }

305}

306```

307

308That `additionalContext` text is added as extra developer context.

309

310For this event, `decision: "block"` does not undo the completed Bash command.

311Instead, Codex records the feedback, replaces the tool result with that

312feedback, and continues the model from the hook-provided message.

313

314You can also use exit code `2` and write the feedback reason to `stderr`.

315

316To stop normal processing of the original tool result after the command has

317already run, return `continue: false`. Codex will replace the tool result with

318your feedback or stop text and continue from there.

319

320`updatedMCPToolOutput` and `suppressOutput` are parsed but not supported yet,

321so they fail open.

322

323### UserPromptSubmit

324

325`matcher` is not currently used for this event.

326

327Fields in addition to [Common input fields](#common-input-fields):

328

329| Field | Type | Meaning |

330| --- | --- | --- |

331| `turn_id` | `string` | Codex-specific extension. Active Codex turn id |

332| `prompt` | `string` | User prompt that is about to be sent |

333

334Plain text on `stdout` is added as extra developer context.

335

336JSON on `stdout` supports [Common output fields](#common-output-fields) and

337this hook-specific shape:

338

339```json

340{

341 "hookSpecificOutput": {

342 "hookEventName": "UserPromptSubmit",

343 "additionalContext": "Ask for a clearer reproduction before editing files."

344 }

345}

346```

347

348That `additionalContext` text is added as extra developer context.

349

350To block the prompt, return:

351

352```json

353{

354 "decision": "block",

355 "reason": "Ask for confirmation before doing that."

356}

357```

358

359You can also use exit code `2` and write the blocking reason to `stderr`.

360

361### Stop

362

363`matcher` is not currently used for this event.

364

365Fields in addition to [Common input fields](#common-input-fields):

366

367| Field | Type | Meaning |

368| --- | --- | --- |

369| `turn_id` | `string` | Codex-specific extension. Active Codex turn id |

370| `stop_hook_active` | `boolean` | Whether this turn was already continued by `Stop` |

372

373`Stop` expects JSON on `stdout` when it exits `0`. Plain text output is invalid

374for this event.

375

376JSON on `stdout` supports [Common output fields](#common-output-fields). To keep

377Codex going, return:

378

379```json

380{

381 "decision": "block",

382 "reason": "Run one more pass over the failing tests."

383}

384```

385

386You can also use exit code `2` and write the continuation reason to `stderr`.

387

388For this event, `decision: "block"` does not reject the turn. Instead, it tells

389Codex to continue and automatically creates a new continuation prompt that acts

390as a new user prompt, using your `reason` as that prompt text.

391

392If any matching `Stop` hook returns `continue: false`, that takes precedence

393over continuation decisions from other matching `Stop` hooks.

394

395## Schemas

396

397If you need the exact current wire format, see the generated schemas in the

398[Codex GitHub repository](https://github.com/openai/codex/tree/main/codex-rs/hooks/schema/generated).

ide.md +7 −3

Details

20is experimental. For the best Windows experience, use Codex in a WSL workspace20is experimental. For the best Windows experience, use Codex in a WSL workspace

21and follow our [Windows setup guide](https://developers.openai.com/codex/windows).21and follow our [Windows setup guide](https://developers.openai.com/codex/windows).

22 22

~~23After you install it, you’ll find the extension in your left sidebar next to your other extensions.~~23After you install it, you'll find Codex in your editor sidebar.

24In VS Code, Codex opens in the right sidebar by default.

24If you're using VS Code, restart the editor if you don't see Codex right away.25If you're using VS Code, restart the editor if you don't see Codex right away.

25 26

26If you're using Cursor, the activity bar displays horizontally by default. Collapsed items can hide Codex, so you can pin it and reorganize the order of the extensions.27If you're using Cursor, the activity bar displays horizontally by default. Collapsed items can hide Codex, so you can pin it and reorganize the order of the extensions.

35 36

36### Move Codex to the right sidebar37### Move Codex to the right sidebar

37 38

~~38In VS Code, you can drag the Codex icon to the right of your editor to move it to the right sidebar.~~39In VS Code, Codex appears in the right sidebar automatically.

40If you prefer it in the primary (left) sidebar, drag the Codex icon back to the left activity bar.

39 41

~~40In some IDEs, like Cursor, you may need to temporarily change the activity bar orientation first:~~42In VS Code forks like Cursor, you may need to move Codex to the right sidebar manually.

43To do that, you may need to temporarily change the activity bar orientation first:

41 44

421. Open your editor settings and search for `activity bar` (in Workbench settings).451. Open your editor settings and search for `activity bar` (in Workbench settings).

432. Change the orientation to `vertical`.462. Change the orientation to `vertical`.

48Now drag the Codex icon to the right sidebar (for example, next to your Cursor chat). Codex appears as another tab in the sidebar.51Now drag the Codex icon to the right sidebar (for example, next to your Cursor chat). Codex appears as another tab in the sidebar.

49 52

50After you move it, reset the activity bar orientation to `horizontal` to restore the default behavior.53After you move it, reset the activity bar orientation to `horizontal` to restore the default behavior.

54If you change your mind later, you can drag Codex back to the primary (left) sidebar at any time.

51 55

52### Sign in56### Sign in

53 57

ide/settings.md +4 −0

Details

12 12

13The Codex IDE extension uses the Codex CLI. Configure some behavior, such as the default model, approvals, and sandbox settings, in the shared `~/.codex/config.toml` file instead of in editor settings. See [Config basics](https://developers.openai.com/codex/config-basic).13The Codex IDE extension uses the Codex CLI. Configure some behavior, such as the default model, approvals, and sandbox settings, in the shared `~/.codex/config.toml` file instead of in editor settings. See [Config basics](https://developers.openai.com/codex/config-basic).

14 14

15The extension also honors VS Code's built-in chat font settings for Codex conversation surfaces.

15## Settings reference17## Settings reference

16 18

17| Setting | Description |19| Setting | Description |

18| -------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |20| -------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |

21| `chat.fontSize` | Controls chat text in the Codex sidebar, including conversation content and the composer. |

22| `chat.editor.fontSize` | Controls code-rendered content in Codex conversations, including code snippets and diffs. |

19| `chatgpt.cliExecutable` | Development only: Path to the Codex CLI executable. You don't need to set this unless you're actively developing the Codex CLI. If you set this manually, parts of the extension might not work as expected. |23| `chatgpt.cliExecutable` | Development only: Path to the Codex CLI executable. You don't need to set this unless you're actively developing the Codex CLI. If you set this manually, parts of the extension might not work as expected. |

learn/best-practices.md +5 −5

Details

78- Keep repo-specific behavior in `.codex/config.toml`78- Keep repo-specific behavior in `.codex/config.toml`

79- Use command-line overrides only for one-off situations (if you use the CLI)79- Use command-line overrides only for one-off situations (if you use the CLI)

80 80

81[`config.toml`](https://developers.openai.com/codex/config-basic) is where you define durable preferences such as MCP servers, profiles, multi-agent setup, and experimental features. You can edit it directly or ask Codex to update it for you.81[`config.toml`](https://developers.openai.com/codex/config-basic) is where you define durable preferences such as MCP servers, profiles, multi-agent setup, and feature flags. You can edit it directly or ask Codex to update it for you.

82 82

83Codex ships with operating level sandboxing and has two key knobs that you can control. Approval mode determines when Codex asks for your permission to run a command and sandbox mode determines if Codex can read or write in the directory and what files the agent can access.83Codex ships with operating level sandboxing and has two key knobs that you can control. Approval mode determines when Codex asks for your permission to run a command and sandbox mode determines if Codex can read or write in the directory and what files the agent can access.

84 84

161- Telemetry or incident summaries161- Telemetry or incident summaries

162- Standard debugging flows162- Standard debugging flows

163 163

164The `$skill-creator` skill is the best place to start to scaffold the first version of a skill and to use the `$skill-installer` skill to install it locally. One of the most important parts of a skill is the description. It should say what the skill does and when to use it.164The `$skill-creator` skill is the best place to start to scaffold the first version of a skill. Keep the first version local while you iterate. When it's ready to share broadly, package it as a [plugin](https://developers.openai.com/codex/plugins/build). One of the most important parts of a skill is the description. It should say what the skill does and when to use it.

165 165

166Personal skills are stored in `$HOME/.agents/skills`, and shared team skills166Personal skills are stored in `$HOME/.agents/skills`, and shared team skills

167 can be checked into `.agents/skills` inside a repository. This is especially167 can be checked into `.agents/skills` inside a repository. This is especially

205 205

206Keep one thread per coherent unit of work. If the work is still part of the same problem, staying in the same thread is often better because it preserves the reasoning trail. Fork only when the work truly branches.206Keep one thread per coherent unit of work. If the work is still part of the same problem, staying in the same thread is often better because it preserves the reasoning trail. Fork only when the work truly branches.

207 207

208Use Codex’s [multi-agent](https://developers.openai.com/codex/concepts/multi-agents) workflows to offload208Use Codex’s [subagent](https://developers.openai.com/codex/concepts/subagents) workflows to offload bounded

209bounded work from the main thread. Keep the main agent focused on the core209 work from the main thread. Keep the main agent focused on the core problem,

210problem, and use subagents for tasks like exploration, tests, or triage.210 and use subagents for tasks like exploration, tests, or triage.

211 211

212## Common mistakes212## Common mistakes

213 213

mcp.md +5 −1

Details

79 79

80If your MCP OAuth flow must use a specific callback URL (for example, a remote devbox ingress URL or a custom callback path), set `mcp_oauth_callback_url`. Codex uses this value as the OAuth `redirect_uri` while still using `mcp_oauth_callback_port` for the callback listener port. Local callback URLs (for example `localhost`) bind on loopback; non-local callback URLs bind on `0.0.0.0` so the callback can reach the host.80If your MCP OAuth flow must use a specific callback URL (for example, a remote devbox ingress URL or a custom callback path), set `mcp_oauth_callback_url`. Codex uses this value as the OAuth `redirect_uri` while still using `mcp_oauth_callback_port` for the callback listener port. Local callback URLs (for example `localhost`) bind on loopback; non-local callback URLs bind on `0.0.0.0` so the callback can reach the host.

81 81

82If the MCP server advertises `scopes_supported`, Codex prefers those

83server-advertised scopes during OAuth login. Otherwise, Codex falls back to the

84scopes configured in `config.toml`.

82#### config.toml examples86#### config.toml examples

83 87

84```toml88```toml

117 121

118The list of MCP servers keeps growing. Here are a few common ones:122The list of MCP servers keeps growing. Here are a few common ones:

119 123

120- [OpenAI Docs MCP](/resources/docs-mcp): Search and read OpenAI developer docs.124- [OpenAI Docs MCP](/learn/docs-mcp): Search and read OpenAI developer docs.

121- [Context7](https://github.com/upstash/context7): Connect to up-to-date developer documentation.125- [Context7](https://github.com/upstash/context7): Connect to up-to-date developer documentation.

122- Figma [Local](https://developers.figma.com/docs/figma-mcp-server/local-server-installation/) and [Remote](https://developers.figma.com/docs/figma-mcp-server/remote-server-installation/): Access your Figma designs.126- Figma [Local](https://developers.figma.com/docs/figma-mcp-server/local-server-installation/) and [Remote](https://developers.figma.com/docs/figma-mcp-server/remote-server-installation/): Access your Figma designs.

123- [Playwright](https://www.npmjs.com/package/@playwright/mcp): Control and inspect a browser using Playwright.127- [Playwright](https://www.npmjs.com/package/@playwright/mcp): Control and inspect a browser using Playwright.

models.md +28 −3

Details

26 26

27API Access27API Access

28 28

29![gpt-5.4-mini](/images/api/models/gpt-5-mini.jpg)

31gpt-5.4-mini

33Fast, efficient mini model for responsive coding tasks and subagents.

35codex -m gpt-5.4-mini

37Copy command

39Capability

41Speed

43Codex CLI & SDK

45Codex app & IDE extension

47Codex Cloud

49ChatGPT Credits

51API Access

29![gpt-5.3-codex](/images/codex/codex-wallpaper-1.webp)53![gpt-5.3-codex](/images/codex/codex-wallpaper-1.webp)

30 54

31gpt-5.3-codex55gpt-5.3-codex

76 100

77For most tasks in Codex, start with `gpt-5.4`. It combines strong coding,101For most tasks in Codex, start with `gpt-5.4`. It combines strong coding,

78reasoning, native computer use, and broader professional workflows in one102reasoning, native computer use, and broader professional workflows in one

~~79model. The `gpt-5.3-codex-spark` model is available in research preview for~~103model. Use `gpt-5.4-mini` when you want a faster, lower-cost option for

~~80ChatGPT Pro subscribers and is optimized for near-instant, real-time coding~~104lighter coding tasks or subagents. The `gpt-5.3-codex-spark` model is

~~81iteration.~~105available in research preview for ChatGPT Pro subscribers and is optimized for

106near-instant, real-time coding iteration.

82 107

83## Alternative models108## Alternative models

84 109

multi-agent.md +0 −312 deleted

File DeletedView Diff

~~1# Multi-agents~~

3Codex can run multi-agent workflows by spawning specialized agents in parallel and then collecting their results in one response. This can be particularly helpful for complex tasks that are highly parallel, such as codebase exploration or implementing a multi-step feature plan.

~~5With multi-agent workflows you can also define your own set of agents with different model configurations and instructions depending on the agent.~~

7For the concepts and tradeoffs behind multi-agent workflows (including context pollution/context rot and model-selection guidance), see [Multi-agents concepts](https://developers.openai.com/codex/concepts/multi-agents).

~~9## Enable multi-agent~~

~~11Multi-agent workflows are currently experimental and need to be explicitly enabled.~~

~~13You can enable this feature from the CLI with `/experimental`. Enable~~

~~14**Multi-agents**, then restart Codex.~~

~~16Multi-agent activity is currently surfaced in the CLI. Visibility in other~~

~~17surfaces (the Codex app and IDE Extension) is coming soon.~~

~~19You can also add the [`multi_agent` feature flag](https://developers.openai.com/codex/config-basic#feature-flags) directly to your configuration file (`~/.codex/config.toml`):~~

~~21```~~

~~22[features]~~

~~23multi_agent = true~~

~~24```~~

~~26## Typical workflow~~

~~28Codex handles orchestration across agents, including spawning new sub-agents, routing follow-up instructions, waiting for results, and closing agent threads.~~

~~30When many agents are running, Codex waits until all requested results are available, then returns a consolidated response.~~

~~32Codex will automatically decide when to spawn a new agent or you can explicitly ask it to do so.~~

~~34For long-running commands or polling workflows, Codex can also use the built-in `monitor` role, tuned for waiting and repeated status checks.~~

~~36To see it in action, try the following prompt on your project:~~

~~38```~~

~~39I would like to review the following points on the current PR (this branch vs main). Spawn one agent per point, wait for all of them, and summarize the result for each point.~~

~~401. Security issue~~

~~412. Code quality~~

~~423. Bugs~~

~~434. Race~~

~~445. Test flakiness~~

~~456. Maintainability of the code~~

~~46```~~

~~48## Managing sub-agents~~

~~50- Use `/agent` in the CLI to switch between active agent threads and inspect the ongoing thread.~~

~~51- Ask Codex directly to steer a running sub-agent, stop it, or close completed agent threads.~~

~~52- The `wait` tool supports long polling windows for monitoring workflows (up to 1 hour per call).~~

~~54## Process CSV batches with sub-agents~~

56Use `spawn_agents_on_csv` when you have many similar tasks that map to one row per work item. Codex reads the CSV, spawns one worker sub-agent per row, waits for the full batch to finish, and exports the combined results to CSV.

~~58This works well for repeated audits such as:~~

~~60- reviewing one file, package, or service per row~~

~~61- checking a list of incidents, PRs, or migration targets~~

~~62- generating structured summaries for many similar inputs~~

~~64The tool accepts:~~

~~66- `csv_path` for the source CSV~~

~~67- `instruction` for the worker prompt template, using `{column_name}` placeholders~~

~~68- `id_column` when you want stable item ids from a specific column~~

~~69- `output_schema` when each worker should return a JSON object with a fixed shape~~

~~70- `output_csv_path`, `max_concurrency`, and `max_runtime_seconds` for job control~~

~~72Each worker must call `report_agent_job_result` exactly once. If a worker exits without reporting a result, Codex marks that row with an error in the exported CSV.~~

~~74Example prompt:~~

~~76```~~

~~77Create /tmp/components.csv with columns path,owner and one row per frontend component.~~

~~79Then call spawn_agents_on_csv with:~~

~~80- csv_path: /tmp/components.csv~~

~~81- id_column: path~~

~~82- instruction: "Review {path} owned by {owner}. Return JSON with keys path, risk, summary, and follow_up via report_agent_job_result."~~

~~83- output_csv_path: /tmp/components-review.csv~~

~~84- output_schema: an object with required string fields path, risk, summary, and follow_up~~

~~85```~~

87When you run this through `codex exec`, Codex shows a single-line progress update on `stderr` while the batch is running. The exported CSV includes the original row data plus metadata such as `job_id`, `item_id`, `status`, `last_error`, and `result_json`.

~~89Related runtime settings:~~

~~91- `agents.max_threads` caps how many agent threads can stay open concurrently.~~

~~92- `agents.job_max_runtime_seconds` sets the default per-worker timeout for CSV fan-out jobs. A per-call `max_runtime_seconds` override takes precedence.~~

~~93- `sqlite_home` controls where Codex stores the SQLite-backed state used for agent jobs and their exported results.~~

~~95## Approvals and sandbox controls~~

~~97Sub-agents inherit your current sandbox policy.~~

~~99In interactive CLI sessions, approval requests can surface from inactive agent~~

100threads even while you are looking at the main thread. The approval overlay

101shows the source thread label, and you can press `o` to open that thread before

102you approve, reject, or answer the request.

~~103~~

104In non-interactive flows, or whenever a run can’t surface a fresh approval,

105an action that needs new approval fails and Codex surfaces the error back to the

106parent workflow.

~~107~~

108Codex also reapplies the parent turn’s live runtime overrides when it spawns a

109child. That includes sandbox and approval choices you set interactively during

110the session, such as `/approvals` changes or `--yolo`, even if the selected

111agent role loads a config file with different defaults.

~~112~~

113You can also override the sandbox configuration for individual [agent roles](#agent-roles) such as explicitly marking an agent to work in read-only mode.

~~114~~

115## Agent roles

~~116~~

117You configure agent roles in the `[agents]` section of your [configuration](https://developers.openai.com/codex/config-basic#configuration-precedence).

~~118~~

119Define agent roles either in your local configuration (typically `~/.codex/config.toml`) or in a project-specific `.codex/config.toml`.

~~120~~

121Each role can provide guidance (`description`) for when Codex should use this agent, and optionally load a

122role-specific config file (`config_file`) when Codex spawns an agent with that role.

~~123~~

124Codex ships with built-in roles:

~~125~~

126- `default`: general-purpose fallback role.

127- `worker`: execution-focused role for implementation and fixes.

128- `explorer`: read-heavy codebase exploration role.

129- `monitor`: long-running command/task monitoring role (optimized for waiting/polling).

~~130~~

131Each agent role can override your default configuration. Common settings to override for an agent role are:

~~132~~

133- `model` and `model_reasoning_effort` to select a specific model for your agent role

134- `sandbox_mode` to mark an agent as `read-only`

135- `developer_instructions` to give the agent role extra instructions without relying on the parent agent to pass them

~~136~~

137### Schema

~~138~~

140| --- | --- | --- | --- |

~~147~~

148**Notes:**

~~149~~

150- Codex rejects unknown fields in `[agents.<name>]`.

151- `agents.max_threads` defaults to `6` when you leave it unset.

152- `agents.max_depth` defaults to `1`, which allows a direct child agent to spawn but prevents deeper nesting.

153- `agents.job_max_runtime_seconds` is optional. When you leave it unset, `spawn_agents_on_csv` falls back to its per-call default timeout of 1800 seconds per worker.

154- Codex resolves relative `config_file` paths relative to the `config.toml` file that defines the role.

155- Codex validates `agents.<name>.config_file` at config load time, and it must point to an existing file.

156- If a role name matches a built-in role (for example, `explorer`), your user-defined role takes precedence.

157- If Codex can’t load a role config file, agent spawns can fail until you fix the file.

158- The agent inherits any configuration that the role doesn’t set from the parent session.

~~159~~

160### Example agent roles

~~161~~

162The best role definitions are narrow and opinionated. Give each role one clear job, a tool surface that matches that job, and instructions that keep it from drifting into adjacent work.

~~163~~

164#### Example 1: PR review team

~~165~~

166This pattern splits review into three focused roles:

~~167~~

168- `explorer` maps the codebase and gathers evidence.

169- `reviewer` looks for correctness, security, and test risks.

170- `docs_researcher` checks framework or API documentation through a dedicated MCP server.

~~171~~

172Project config (`.codex/config.toml`):

~~173~~

174```

175[agents]

176max_threads = 6

177max_depth = 1

~~178~~

179[agents.explorer]

180description = "Read-only codebase explorer for gathering evidence before changes are proposed."

181config_file = "agents/explorer.toml"

~~182~~

183[agents.reviewer]

184description = "PR reviewer focused on correctness, security, and missing tests."

185config_file = "agents/reviewer.toml"

~~186~~

187[agents.docs_researcher]

188description = "Documentation specialist that uses the docs MCP server to verify APIs and framework behavior."

189config_file = "agents/docs-researcher.toml"

190```

~~191~~

192`agents/explorer.toml`:

~~193~~

194```

195model = "gpt-5.3-codex-spark"

196model_reasoning_effort = "medium"

197sandbox_mode = "read-only"

198developer_instructions = """

199Stay in exploration mode.

200Trace the real execution path, cite files and symbols, and avoid proposing fixes unless the parent agent asks for them.

201Prefer fast search and targeted file reads over broad scans.

202"""

203```

~~204~~

205`agents/reviewer.toml`:

~~206~~

207```

208model = "gpt-5.3-codex"

209model_reasoning_effort = "high"

210sandbox_mode = "read-only"

211developer_instructions = """

212Review code like an owner.

213Prioritize correctness, security, behavior regressions, and missing test coverage.

214Lead with concrete findings, include reproduction steps when possible, and avoid style-only comments unless they hide a real bug.

215"""

216```

~~217~~

218`agents/docs-researcher.toml`:

~~219~~

220```

221model = "gpt-5.3-codex-spark"

222model_reasoning_effort = "medium"

223sandbox_mode = "read-only"

224developer_instructions = """

225Use the docs MCP server to confirm APIs, options, and version-specific behavior.

226Return concise answers with links or exact references when available.

227Do not make code changes.

228"""

~~229~~

230[mcp_servers.openaiDeveloperDocs]

231url = "https://developers.openai.com/mcp"

232```

~~233~~

234This setup works well for prompts like:

~~235~~

236```

237Review this branch against main. Have explorer map the affected code paths, reviewer find real risks, and docs_researcher verify the framework APIs that the patch relies on.

238```

~~239~~

240#### Example 2: Frontend integration debugging team

~~241~~

242This pattern is useful for UI regressions, flaky browser flows, or integration bugs that cross application code and the running product.

~~243~~

244Project config (`.codex/config.toml`):

~~245~~

246```

247[agents]

248max_threads = 6

249max_depth = 1

~~250~~

251[agents.explorer]

252description = "Read-only codebase explorer for locating the relevant frontend and backend code paths."

253config_file = "agents/explorer.toml"

~~254~~

255[agents.browser_debugger]

256description = "UI debugger that uses browser tooling to reproduce issues and capture evidence."

257config_file = "agents/browser-debugger.toml"

~~258~~

259[agents.worker]

260description = "Implementation-focused agent for small, targeted fixes after the issue is understood."

261config_file = "agents/worker.toml"

262```

~~263~~

264`agents/explorer.toml`:

~~265~~

266```

267model = "gpt-5.3-codex-spark"

268model_reasoning_effort = "medium"

269sandbox_mode = "read-only"

270developer_instructions = """

271Map the code that owns the failing UI flow.

272Identify entry points, state transitions, and likely files before the worker starts editing.

273"""

274```

~~275~~

276`agents/browser-debugger.toml`:

~~277~~

278```

279model = "gpt-5.3-codex"

280model_reasoning_effort = "high"

281sandbox_mode = "workspace-write"

282developer_instructions = """

283Reproduce the issue in the browser, capture exact steps, and report what the UI actually does.

284Use browser tooling for screenshots, console output, and network evidence.

285Do not edit application code.

286"""

~~287~~

288[mcp_servers.chrome_devtools]

289url = "http://localhost:3000/mcp"

290startup_timeout_sec = 20

291```

~~292~~

293`agents/worker.toml`:

~~294~~

295```

296model = "gpt-5.3-codex"

297model_reasoning_effort = "medium"

298developer_instructions = """

299Own the fix once the issue is reproduced.

300Make the smallest defensible change, keep unrelated files untouched, and validate only the behavior you changed.

301"""

~~302~~

303[[skills.config]]

304path = "/Users/me/.agents/skills/docs-editor/SKILL.md"

305enabled = false

306```

~~307~~

308This setup works well for prompts like:

~~309~~

310```

311Investigate why the settings modal fails to save. Have browser_debugger reproduce it, explorer trace the responsible code path, and worker implement the smallest fix once the failure mode is clear.

312```

open-source.md +1 −1

Details

2 2

3OpenAI develops key parts of Codex in the open. That work lives on GitHub so you can follow progress, report issues, and contribute improvements.3OpenAI develops key parts of Codex in the open. That work lives on GitHub so you can follow progress, report issues, and contribute improvements.

4 4

5If you maintain a widely used open-source project or want to nominate maintainers stewarding important projects, you can also [apply to the Codex open source program](https://developers.openai.com/codex/community/codex-for-oss) for API credits, ChatGPT Pro with Codex, and selective access to Codex Security.5If you maintain a widely used open-source project or want to nominate maintainers stewarding important projects, you can also [apply to the Codex for OSS program](https://developers.openai.com/community/codex-for-oss) for API credits, ChatGPT Pro with Codex, and selective access to Codex Security.

6 6

7## Open-source components7## Open-source components

8 8

overview.md +3 −3

Details

22 22

23 Learn more](https://developers.openai.com/codex/explore) [### Community23 Learn more](https://developers.openai.com/codex/explore) [### Community

24 24

~~25Explore Codex Ambassadors and upcoming community meetups by location.~~25Read community posts, explore meetups, and connect with Codex builders.

26 26

~~27 See community](https://developers.openai.com/codex/community/meetups) [### Codex for OSS~~27 See community](/community) [### Codex for Open Source

28 28

30 30

~~31 Learn more](https://developers.openai.com/codex/community/codex-for-oss)~~31 Learn more](https://developers.openai.com/community/codex-for-oss)

plugins.md +114 −0 added

Details

1# Plugins

3## Overview

5Plugins bundle skills, app integrations, and MCP servers into reusable

6workflows for Codex.

8Extend what Codex can do, for example:

10- Install the Gmail plugin to let Codex read and manage Gmail.

11- Install the Google Drive plugin to work across Drive, Docs, Sheets, and

12 Slides.

13- Install the Slack plugin to summarize channels or draft replies.

15A plugin can contain:

17- **Skills:** reusable instructions for specific kinds of work. Codex can load

18 them when needed so it follows the right steps and uses the right references

19 or helper scripts for a task.

20- **Apps:** connections to tools like GitHub, Slack, or Google Drive, so

21 Codex can read information from those tools and take actions in them.

22- **MCP servers:** services that give Codex access to additional tools or

23 shared information, often from systems outside your local project.

25More plugin capabilities are coming soon.

27## Use and install plugins

29### Plugin Directory in the Codex app

31Open **Plugins** in the Codex app to browse and install curated plugins.

33![Codex Plugins page](/images/codex/plugins/directory.png)

35### Plugin directory in the CLI

37In Codex CLI, run the following command to open the plugins list:

39```text

40codex

41/plugins

42```

44![Plugins list in Codex CLI](/images/codex/plugins/cli_light.png)

46### Install and use a plugin

48Once you open the plugin directory:

501. Search or browse for a plugin, then open its details.

512. Select the install button. In the app, select the plus button or

52 **Add to Codex**. In the CLI, select `Install plugin`.

533. If the plugin needs an external app, connect it when prompted. Some plugins

54 ask you to authenticate during install. Others wait until the first time you

55 use them.

564. After installation, start a new thread and ask Codex to use the plugin.

58After you install a plugin, you can use it directly in the prompt window:

60![Codex Plugins page](/images/codex/plugins/plugin-github-invoke.png)

62Describe the task directly

64 Ask for the outcome you want, such as "Summarize unread Gmail threads

65 from today" or "Pull the latest launch notes from Google Drive."

67 Use this when you want Codex to choose the right installed tools for the

68 task.

70Choose a specific plugin

72 Type <code>@</code> to invoke the plugin or one of its bundled skills

73 explicitly.

75 Use this when you want to be specific about which plugin or skill Codex

76should use. See [Codex app commands](https://developers.openai.com/codex/app/commands) and

77[Skills](https://developers.openai.com/codex/skills).

79### How permissions and data sharing work

81Installing a plugin makes its workflows available in Codex, but your existing

82[approval settings](https://developers.openai.com/codex/agent-approvals-security) still apply. Any

83connected external services remain subject to their own authentication,

84privacy, and data-sharing policies.

86- Bundled skills are available as soon as you install the plugin.

87- If a plugin includes apps, Codex may prompt you to install or sign in to

88 those apps in ChatGPT during setup or the first time you use them.

89- If a plugin includes MCP servers, they may require additional setup or

90 authentication before you can use them.

91- When Codex sends data through a bundled app, that app's terms and privacy

92 policy apply.

94### Remove or turn off a plugin

96To remove a plugin, reopen it from the plugin browser and select

97**Uninstall plugin**.

99Uninstalling a plugin removes the plugin bundle from Codex, but bundled apps

100stay installed until you manage them in ChatGPT.

101

102If you want to keep a plugin installed but turn it off, set its entry in

103`~/.codex/config.toml` to `enabled = false`, then restart Codex:

104

105```toml

106[plugins."gmail@openai-curated"]

107enabled = false

108```

109

110## Build your own plugin

111

112If you want to create, test, or distribute your own plugin, see

113[Build plugins](https://developers.openai.com/codex/plugins/build). That page covers local scaffolding,

114manual marketplace setup, plugin manifests, and packaging guidance.

plugins/build.md +359 −0 added

Details

1# Build plugins

3This page is for plugin authors. If you want to browse, install, and use

4plugins in Codex, see [Plugins](https://developers.openai.com/codex/plugins). If you are still iterating on

5one repo or one personal workflow, start with a local skill. Build a plugin

6when you want to share that workflow across teams, bundle app integrations or

7MCP config, or publish a stable package.

9## Create a plugin with `$plugin-creator`

11For the fastest setup, use the built-in `$plugin-creator` skill.

13![plugin-creator skill in Codex](/images/codex/plugins/plugin-creator.png)

15It scaffolds the required `.codex-plugin/plugin.json` manifest and can also

16generate a local marketplace entry for testing. If you already have a plugin

17folder, you can still use `$plugin-creator` to wire it into a local

18marketplace.

20![how to invoke the plugin-creator skill](/images/codex/plugins/plugin-creator-invoke.png)

22### Build your own curated plugin list

24A marketplace is a JSON catalog of plugins. `$plugin-creator` can generate one

25for a single plugin, and you can keep adding entries to that same marketplace

26to build your own curated list for a repo, team, or personal workflow.

28In Codex, each marketplace appears as a selectable source in the plugin

29directory. Use `$REPO_ROOT/.agents/plugins/marketplace.json` for a repo-scoped

30list or `~/.agents/plugins/marketplace.json` for a personal list. Add one

31entry per plugin under `plugins[]`, point each `source.path` at the plugin

32folder with a `./`-prefixed path relative to the marketplace root, and set

33`interface.displayName` to the label you want Codex to show in the marketplace

34picker. Then restart Codex. After that, open the plugin directory, choose your

35marketplace, and browse or install the plugins in that curated list.

37You don't need a separate marketplace per plugin. One marketplace can expose a

38single plugin while you are testing, then grow into a larger curated catalog as

39you add more plugins.

41![custom local marketplace in the plugin directory](/images/codex/plugins/codex-local-plugin-light.png)

43### Create a plugin manually

45Start with a minimal plugin that packages one skill.

471. Create a plugin folder with a manifest at `.codex-plugin/plugin.json`.

49```bash

50mkdir -p my-first-plugin/.codex-plugin

51```

53`my-first-plugin/.codex-plugin/plugin.json`

55```json

56{

57 "name": "my-first-plugin",

58 "version": "1.0.0",

59 "description": "Reusable greeting workflow",

60 "skills": "./skills/"

61}

62```

64Use a stable plugin `name` in kebab-case. Codex uses it as the plugin

65identifier and component namespace.

672. Add a skill under `skills/<skill-name>/SKILL.md`.

69```bash

70mkdir -p my-first-plugin/skills/hello

71```

73`my-first-plugin/skills/hello/SKILL.md`

75```md

76---

77name: hello

78description: Greet the user with a friendly message.

79---

81Greet the user warmly and ask how you can help.

82```

843. Add the plugin to a marketplace. Use `$plugin-creator` to generate one, or

85 follow [Build your own curated plugin list](#build-your-own-curated-plugin-list)

86 to wire the plugin into Codex manually.

88From there, you can add MCP config, app integrations, or marketplace metadata

89as needed.

91### Install a local plugin manually

93Use a repo marketplace or a personal marketplace, depending on who should be

94able to access the plugin or curated list.

96 Add a marketplace file at `$REPO_ROOT/.agents/plugins/marketplace.json`

97 and store your plugins under `$REPO_ROOT/plugins/`.

99 **Repo marketplace example**

100

101 Step 1: Copy the plugin folder into `$REPO_ROOT/plugins/my-plugin`.

102

103```bash

104mkdir -p ./plugins

105cp -R /absolute/path/to/my-plugin ./plugins/my-plugin

106```

107

108 Step 2: Add or update `$REPO_ROOT/.agents/plugins/marketplace.json` so

109 that `source.path` points to that plugin directory with a `./`-prefixed

110 relative path:

111

112```json

113{

114 "name": "local-repo",

115 "plugins": [

116 {

117 "name": "my-plugin",

118 "source": {

119 "source": "local",

120 "path": "./plugins/my-plugin"

121 },

122 "policy": {

123 "installation": "AVAILABLE",

124 "authentication": "ON_INSTALL"

125 },

126 "category": "Productivity"

127 }

128 ]

129}

130```

131

132 Step 3: Restart Codex and verify that the plugin appears.

133

134 Add a marketplace file at `~/.agents/plugins/marketplace.json` and store

135 your plugins under `~/.codex/plugins/`.

136

137 **Personal marketplace example**

138

139 Step 1: Copy the plugin folder into `~/.codex/plugins/my-plugin`.

140

141```bash

142mkdir -p ~/.codex/plugins

143cp -R /absolute/path/to/my-plugin ~/.codex/plugins/my-plugin

144```

145

146 Step 2: Add or update `~/.agents/plugins/marketplace.json` so that the

147 plugin entry's `source.path` points to that directory.

148

149 Step 3: Restart Codex and verify that the plugin appears.

150

151The marketplace file points to the plugin location, so those directories are

152examples rather than fixed requirements. Codex resolves `source.path` relative

153to the marketplace root, not relative to the `.agents/plugins/` folder. See

154[Marketplace metadata](#marketplace-metadata) for the file format.

155

156After you change the plugin, update the plugin directory that your marketplace

157entry points to and restart Codex so the local install picks up the new files.

158

159### Marketplace metadata

160

161If you maintain a repo marketplace, define it in

162`$REPO_ROOT/.agents/plugins/marketplace.json`. For a personal marketplace, use

163`~/.agents/plugins/marketplace.json`. A marketplace file controls plugin

164ordering and install policies in Codex-facing catalogs. It can represent one

165plugin while you are testing or a curated list of plugins that you want Codex

166to show together under one marketplace name. Before you add a plugin to a

167marketplace, make sure its `version`, publisher metadata, and install-surface

168copy are ready for other developers to see.

169

170```json

171{

172 "name": "local-example-plugins",

173 "interface": {

174 "displayName": "Local Example Plugins"

175 },

176 "plugins": [

177 {

178 "name": "my-plugin",

179 "source": {

180 "source": "local",

181 "path": "./plugins/my-plugin"

182 },

183 "policy": {

184 "installation": "AVAILABLE",

185 "authentication": "ON_INSTALL"

186 },

187 "category": "Productivity"

188 },

189 {

190 "name": "research-helper",

191 "source": {

192 "source": "local",

193 "path": "./plugins/research-helper"

194 },

195 "policy": {

196 "installation": "AVAILABLE",

197 "authentication": "ON_INSTALL"

198 },

199 "category": "Productivity"

200 }

201 ]

202}

203```

204

205- Use top-level `name` to identify the marketplace.

206- Use `interface.displayName` for the marketplace title shown in Codex.

207- Add one object per plugin under `plugins` to build a curated list that Codex

208 shows under that marketplace title.

209- Point each plugin entry's `source.path` at the plugin directory you want

210 Codex to load. For repo installs, that often lives under `./plugins/`. For

211 personal installs, a common pattern is `./.codex/plugins/<plugin-name>`.

212- Keep `source.path` relative to the marketplace root, start it with `./`, and

213 keep it inside that root.

214- Always include `policy.installation`, `policy.authentication`, and

215 `category` on each plugin entry.

216- Use `policy.installation` values such as `AVAILABLE`,

217 `INSTALLED_BY_DEFAULT`, or `NOT_AVAILABLE`.

218- Use `policy.authentication` to decide whether auth happens on install or

219 first use.

220

221The marketplace controls where Codex loads the plugin from. `source.path` can

222point somewhere else if your plugin lives outside those example directories. A

223marketplace file can live in the repo where you are developing the plugin or in

224a separate marketplace repo, and one marketplace file can point to one plugin

225or many.

226

227### How Codex uses marketplaces

228

229A plugin marketplace is a JSON catalog of plugins that Codex can read and

230install.

231

232Codex can read marketplace files from:

233

234- the curated marketplace that powers the official Plugin Directory

235- a repo marketplace at `$REPO_ROOT/.agents/plugins/marketplace.json`

236- a personal marketplace at `~/.agents/plugins/marketplace.json`

237

238You can install any plugin exposed through a marketplace. Codex installs

239plugins into

240`~/.codex/plugins/cache/$MARKETPLACE_NAME/$PLUGIN_NAME/$VERSION/`. For local

241plugins, `$VERSION` is `local`, and Codex loads the installed copy from that

242cache path rather than directly from the marketplace entry.

243

244You can enable or disable each plugin individually. Codex stores each plugin's

245on or off state in `~/.codex/config.toml`.

246

247## Package and distribute plugins

248

249### Plugin structure

250

251Every plugin has a manifest at `.codex-plugin/plugin.json`. It can also include

252a `skills/` directory, an `.app.json` file that points at one or more apps or

253connectors, and assets used to present the plugin across supported surfaces.

254

255- my-plugin/

256

257 - .codex-plugin/

258

259 - plugin.json Required: plugin manifest

260 - skills/

261

262 - my-skill/

263

264 - SKILL.md Optional: skill instructions

265 - .app.json Optional: app or connector mappings

266 - .mcp.json Optional: MCP server configuration

267 - assets/ Optional: icons, logos, screenshots

268

269Only `plugin.json` belongs in `.codex-plugin/`. Keep `skills/`, `assets/`,

270`.mcp.json`, and `.app.json` at the plugin root.

271

272Published plugins typically use a richer manifest than the minimal example that

273appears in quick-start scaffolds. The manifest has three jobs:

274

275- Identify the plugin.

276- Point to bundled components such as skills, apps, or MCP servers.

277- Provide install-surface metadata such as descriptions, icons, and legal

278 links.

279

280Here's a complete manifest example:

281

282```json

283{

284 "name": "my-plugin",

285 "version": "0.1.0",

286 "description": "Bundle reusable skills and app integrations.",

287 "author": {

288 "name": "Your team",

289 "email": "team@example.com",

290 "url": "https://example.com"

291 },

292 "homepage": "https://example.com/plugins/my-plugin",

293 "repository": "https://github.com/example/my-plugin",

294 "license": "MIT",

295 "keywords": ["research", "crm"],

296 "skills": "./skills/",

297 "mcpServers": "./.mcp.json",

298 "apps": "./.app.json",

299 "interface": {

300 "displayName": "My Plugin",

301 "shortDescription": "Reusable skills and apps",

302 "longDescription": "Distribute skills and app integrations together.",

303 "developerName": "Your team",

304 "category": "Productivity",

305 "capabilities": ["Read", "Write"],

306 "websiteURL": "https://example.com",

307 "privacyPolicyURL": "https://example.com/privacy",

308 "termsOfServiceURL": "https://example.com/terms",

309 "defaultPrompt": [

310 "Use My Plugin to summarize new CRM notes.",

311 "Use My Plugin to triage new customer follow-ups."

312 ],

313 "brandColor": "#10A37F",

314 "composerIcon": "./assets/icon.png",

315 "logo": "./assets/logo.png",

316 "screenshots": ["./assets/screenshot-1.png"]

317 }

318}

319```

320

321`.codex-plugin/plugin.json` is the required entry point. The other manifest

322fields are optional, but published plugins commonly use them.

323

324### Manifest fields

325

326Use the top-level fields to define package metadata and point to bundled

327components:

328

329- `name`, `version`, and `description` identify the plugin.

330- `author`, `homepage`, `repository`, `license`, and `keywords` provide

331 publisher and discovery metadata.

332- `skills`, `mcpServers`, and `apps` point to bundled components relative to

333 the plugin root.

334- `interface` controls how install surfaces present the plugin.

335

336Use the `interface` object for install-surface metadata:

337

338- `displayName`, `shortDescription`, and `longDescription` control the title

339 and descriptive copy.

340- `developerName`, `category`, and `capabilities` add publisher and capability

341 metadata.

342- `websiteURL`, `privacyPolicyURL`, and `termsOfServiceURL` provide external

343 links.

344- `defaultPrompt`, `brandColor`, `composerIcon`, `logo`, and `screenshots`

345 control starter prompts and visual presentation.

346

347### Path rules

348

349- Keep manifest paths relative to the plugin root and start them with `./`.

350- Store visual assets such as `composerIcon`, `logo`, and `screenshots` under

351 `./assets/` when possible.

352- Use `skills` for bundled skill folders, `apps` for `.app.json`, and

353 `mcpServers` for `.mcp.json`.

354

355### Publish official public plugins

356

357Adding plugins to the official Plugin Directory is coming soon.

358

359Self-serve plugin publishing and management are coming soon.

skills.md +26 −4

Details

1# Agent Skills1# Agent Skills

2 2

3Use agent skills to extend Codex with task-specific capabilities. A skill packages instructions, resources, and optional scripts so Codex can follow a workflow reliably. You can share skills across teams or with the community. Skills build on the [open agent skills standard](https://agentskills.io).3Use agent skills to extend Codex with task-specific capabilities. A skill packages instructions, resources, and optional scripts so Codex can follow a workflow reliably. Skills build on the [open agent skills standard](https://agentskills.io).

5Skills are the authoring format for reusable workflows. Plugins are the installable distribution unit for reusable skills and apps in Codex. Use skills to design the workflow itself, then package it as a [plugin](https://developers.openai.com/codex/plugins/build) when you want other developers to install it.

4 6

5Skills are available in the Codex CLI, IDE extension, and Codex app.7Skills are available in the Codex CLI, IDE extension, and Codex app.

6 8

65 67

66Codex supports symlinked skill folders and follows the symlink target when scanning these locations.68Codex supports symlinked skill folders and follows the symlink target when scanning these locations.

67 69

~~68## Install skills~~70These locations are for authoring and local discovery. When you want to

71distribute reusable skills beyond a single repo, or optionally bundle them with

72app integrations, use [plugins](https://developers.openai.com/codex/plugins/build).

74## Distribute skills with plugins

76Direct skill folders are best for local authoring and repo-scoped workflows. If

77you want to distribute a reusable skill, bundle two or more skills together, or

78ship a skill alongside an app integration, package them as a

79[plugin](https://developers.openai.com/codex/plugins/build).

69 80

~~70To install skills beyond the built-ins, use `$skill-installer`. For example, to install the `$linear` skill:~~81Plugins can include one or more skills. They can also optionally bundle app

82mappings, MCP server configuration, and presentation assets in a single

83package.

85## Install curated skills for local use

87To add curated skills beyond the built-ins for your own local Codex setup, use `$skill-installer`. For example, to install the `$linear` skill:

71 88

72```bash89```bash

73$skill-installer linear90$skill-installer linear

74```91```

75 92

~~76You can also prompt the installer to download skills from other repositories. Codex detects newly installed skills automatically; if one doesn’t appear, restart Codex.~~93You can also prompt the installer to download skills from other repositories.

94Codex detects newly installed skills automatically; if one doesn't appear,

95restart Codex.

97Use this for local setup and experimentation. For reusable distribution of your

98own skills, prefer plugins.

77 99

78## Enable or disable skills100## Enable or disable skills

79 101

speed.md +5 −3

Details

8Fast mode is currently supported on GPT-5.4. When enabled, speed is increased8Fast mode is currently supported on GPT-5.4. When enabled, speed is increased

9by 1.5x and credits are consumed at a 2x rate.9by 1.5x and credits are consumed at a 2x rate.

10 10

~~11Enable it by typing `/fast`. It’s available in Codex IDE Extensions, Codex~~11Use `/fast on`, `/fast off`, or `/fast status` in the CLI to change or inspect

~~12CLI, and the Codex app when you sign in with ChatGPT. With an API key, Codex~~12the current setting. You can also persist the default with `service_tier = "fast"` plus `[features].fast_mode = true` in `config.toml`. Fast mode is

~~13uses standard API pricing instead and you can’t use `/fast`.~~13available in the Codex IDE extension, Codex CLI, and the Codex app when you

14sign in with ChatGPT. With an API key, Codex uses standard API pricing instead

15and you can't use Fast mode credits.

14 16

15[17[

16Your browser does not support the video tag.18Your browser does not support the video tag.

subagents.md +340 −0 added

Details

1# Subagents

3Codex can run subagent workflows by spawning specialized agents in parallel and then collecting their results in one response. This can be particularly helpful for complex tasks that are highly parallel, such as codebase exploration or implementing a multi-step feature plan.

5With subagent workflows, you can also define your own custom agents with different model configurations and instructions depending on the task.

7For the concepts and tradeoffs behind subagent workflows, including context pollution, context rot, and model-selection guidance, see [Subagent concepts](https://developers.openai.com/codex/concepts/subagents).

9## Availability

11Current Codex releases enable subagent workflows by default.

13Subagent activity is currently surfaced in the Codex app and CLI. Visibility

14 in the IDE Extension is coming soon.

16Codex only spawns subagents when you explicitly ask it to. Because each

17subagent does its own model and tool work, subagent workflows consume more

18tokens than comparable single-agent runs.

20## Typical workflow

22Codex handles orchestration across agents, including spawning new subagents,

23routing follow-up instructions, waiting for results, and closing agent

24threads.

26When many agents are running, Codex waits until all requested results are

27available, then returns a consolidated response.

29Codex only spawns a new agent when you explicitly ask it to do so.

31To see it in action, try the following prompt on your project:

33```text

34I would like to review the following points on the current PR (this branch vs main). Spawn one agent per point, wait for all of them, and summarize the result for each point.

351. Security issue

362. Code quality

373. Bugs

384. Race

395. Test flakiness

406. Maintainability of the code

41```

43## Managing subagents

45- Use `/agent` in the CLI to switch between active agent threads and inspect the ongoing thread.

46- Ask Codex directly to steer a running subagent, stop it, or close completed agent threads.

48## Approvals and sandbox controls

50Subagents inherit your current sandbox policy.

52In interactive CLI sessions, approval requests can surface from inactive agent

53threads even while you are looking at the main thread. The approval overlay

54shows the source thread label, and you can press `o` to open that thread before

55you approve, reject, or answer the request.

57In non-interactive flows, or whenever a run can't surface a fresh approval, an

58action that needs new approval fails and Codex surfaces the error back to the

59parent workflow.

61Codex also reapplies the parent turn's live runtime overrides when it spawns a

62child. That includes sandbox and approval choices you set interactively during

63the session, such as `/approvals` changes or `--yolo`, even if the selected

64custom agent file sets different defaults.

66You can also override the sandbox configuration for individual [custom agents](#custom-agents), such as explicitly marking one to work in read-only mode.

68## Custom agents

70Codex ships with built-in agents:

72- `default`: general-purpose fallback agent.

73- `worker`: execution-focused agent for implementation and fixes.

74- `explorer`: read-heavy codebase exploration agent.

76To define your own custom agents, add standalone TOML files under

77`~/.codex/agents/` for personal agents or `.codex/agents/` for project-scoped

78agents.

80Each file defines one custom agent. Codex loads these files as configuration

81layers for spawned sessions, so custom agents can override the same settings as

82a normal Codex session config. That can feel heavier than a dedicated agent

83manifest, and the format may evolve as authoring and sharing mature.

85Every standalone custom agent file must define:

87- `name`

88- `description`

89- `developer_instructions`

91Optional fields such as `nickname_candidates`, `model`,

92`model_reasoning_effort`, `sandbox_mode`, `mcp_servers`, and `skills.config`

93inherit from the parent session when you omit them.

95### Global settings

97Global subagent settings still live under `[agents]` in your [configuration](https://developers.openai.com/codex/config-basic#configuration-precedence).

100| --- | --- | --- | --- |

104

105**Notes:**

106

107- `agents.max_threads` defaults to `6` when you leave it unset.

108- `agents.max_depth` defaults to `1`, which allows a direct child agent to spawn but prevents deeper nesting. Keep the default unless you specifically need recursive delegation. Raising this value can turn broad delegation instructions into repeated fan-out, which increases token usage, latency, and local resource consumption. `agents.max_threads` still caps concurrent open threads, but it doesn't remove the cost and predictability risks of deeper recursion.

109- `agents.job_max_runtime_seconds` is optional. When you leave it unset, `spawn_agents_on_csv` falls back to its per-call default timeout of 1800 seconds per worker.

110- If a custom agent name matches a built-in agent such as `explorer`, your custom agent takes precedence.

111

112### Custom agent file schema

113

115| --- | --- | --- | --- |

120

121You can also include other supported `config.toml` keys in a custom agent file, such as `model`, `model_reasoning_effort`, `sandbox_mode`, `mcp_servers`, and `skills.config`.

122

123Codex identifies the custom agent by its `name` field. Matching the filename to

124the agent name is the simplest convention, but the `name` field is the source

125of truth.

126

127### Display nicknames

128

129Use `nickname_candidates` when you want Codex to assign more readable display

130names to spawned agents. This is especially helpful when you run many

131instances of the same custom agent and want the UI to show distinct labels

132instead of repeating the same agent name.

133

134Nicknames are presentation-only. Codex still identifies and spawns the agent by

135its `name`.

136

137Nickname candidates must be a non-empty list of unique names. Each nickname can

138use ASCII letters, digits, spaces, hyphens, and underscores.

139

140Example:

141

142```toml

143name = "reviewer"

144description = "PR reviewer focused on correctness, security, and missing tests."

145developer_instructions = """

146Review code like an owner.

147Prioritize correctness, security, behavior regressions, and missing test coverage.

148"""

149nickname_candidates = ["Atlas", "Delta", "Echo"]

150```

151

152In practice, the Codex app and CLI can show the nicknames where agent activity

153appears, while the underlying agent type stays

154`reviewer`.

155

156### Example custom agents

157

158The best custom agents are narrow and opinionated. Give each one clear job, a

159tool surface that matches that job, and instructions that keep it from

160drifting into adjacent work.

161

162#### Example 1: PR review

163

164This pattern splits review across three focused custom agents:

165

166- `pr_explorer` maps the codebase and gathers evidence.

167- `reviewer` looks for correctness, security, and test risks.

168- `docs_researcher` checks framework or API documentation through a dedicated MCP server.

169

170Project config (`.codex/config.toml`):

171

172```toml

173[agents]

174max_threads = 6

175max_depth = 1

176```

177

178`.codex/agents/pr-explorer.toml`:

179

180```toml

181name = "pr_explorer"

182description = "Read-only codebase explorer for gathering evidence before changes are proposed."

183model = "gpt-5.3-codex-spark"

184model_reasoning_effort = "medium"

185sandbox_mode = "read-only"

186developer_instructions = """

187Stay in exploration mode.

188Trace the real execution path, cite files and symbols, and avoid proposing fixes unless the parent agent asks for them.

189Prefer fast search and targeted file reads over broad scans.

190"""

191```

192

193`.codex/agents/reviewer.toml`:

194

195```toml

196name = "reviewer"

197description = "PR reviewer focused on correctness, security, and missing tests."

198model = "gpt-5.4"

199model_reasoning_effort = "high"

200sandbox_mode = "read-only"

201developer_instructions = """

202Review code like an owner.

203Prioritize correctness, security, behavior regressions, and missing test coverage.

204Lead with concrete findings, include reproduction steps when possible, and avoid style-only comments unless they hide a real bug.

205"""

206```

207

208`.codex/agents/docs-researcher.toml`:

209

210```toml

211name = "docs_researcher"

212description = "Documentation specialist that uses the docs MCP server to verify APIs and framework behavior."

213model = "gpt-5.4-mini"

214model_reasoning_effort = "medium"

215sandbox_mode = "read-only"

216developer_instructions = """

217Use the docs MCP server to confirm APIs, options, and version-specific behavior.

218Return concise answers with links or exact references when available.

219Do not make code changes.

220"""

221

222[mcp_servers.openaiDeveloperDocs]

223url = "https://developers.openai.com/mcp"

224```

225

226This setup works well for prompts like:

227

228```text

229Review this branch against main. Have pr_explorer map the affected code paths, reviewer find real risks, and docs_researcher verify the framework APIs that the patch relies on.

230```

231

232## Process CSV batches with subagents (experimental)

233

234This workflow is experimental and may change as subagent support evolves.

235Use `spawn_agents_on_csv` when you have many similar tasks that map to one row per work item. Codex reads the CSV, spawns one worker subagent per row, waits for the full batch to finish, and exports the combined results to CSV.

236

237This works well for repeated audits such as:

238

239- reviewing one file, package, or service per row

240- checking a list of incidents, PRs, or migration targets

241- generating structured summaries for many similar inputs

242

243The tool accepts:

244

245- `csv_path` for the source CSV

246- `instruction` for the worker prompt template, using `{column_name}` placeholders

247- `id_column` when you want stable item ids from a specific column

248- `output_schema` when each worker should return a JSON object with a fixed shape

249- `output_csv_path`, `max_concurrency`, and `max_runtime_seconds` for job control

250

251Each worker must call `report_agent_job_result` exactly once. If a worker exits without reporting a result, Codex marks that row with an error in the exported CSV.

252

253Example prompt:

254

255```text

256Create /tmp/components.csv with columns path,owner and one row per frontend component.

257

258Then call spawn_agents_on_csv with:

259- csv_path: /tmp/components.csv

260- id_column: path

261- instruction: "Review {path} owned by {owner}. Return JSON with keys path, risk, summary, and follow_up via report_agent_job_result."

262- output_csv_path: /tmp/components-review.csv

263- output_schema: an object with required string fields path, risk, summary, and follow_up

264```

265

266When you run this through `codex exec`, Codex shows a single-line progress update on `stderr` while the batch is running. The exported CSV includes the original row data plus metadata such as `job_id`, `item_id`, `status`, `last_error`, and `result_json`.

267

268Related runtime settings:

269

270- `agents.max_threads` caps how many agent threads can stay open concurrently.

271- `agents.job_max_runtime_seconds` sets the default per-worker timeout for CSV fan-out jobs. A per-call `max_runtime_seconds` override takes precedence.

272- `sqlite_home` controls where Codex stores the SQLite-backed state used for agent jobs and their exported results.

273

274#### Example 2: Frontend integration debugging

275

276This pattern is useful for UI regressions, flaky browser flows, or integration bugs that cross application code and the running product.

277

278Project config (`.codex/config.toml`):

279

280```toml

281[agents]

282max_threads = 6

283max_depth = 1

284```

285

286`.codex/agents/code-mapper.toml`:

287

288```toml

289name = "code_mapper"

290description = "Read-only codebase explorer for locating the relevant frontend and backend code paths."

291model = "gpt-5.4-mini"

292model_reasoning_effort = "medium"

293sandbox_mode = "read-only"

294developer_instructions = """

295Map the code that owns the failing UI flow.

296Identify entry points, state transitions, and likely files before the worker starts editing.

297"""

298```

299

300`.codex/agents/browser-debugger.toml`:

301

302```toml

303name = "browser_debugger"

304description = "UI debugger that uses browser tooling to reproduce issues and capture evidence."

305model = "gpt-5.4"

306model_reasoning_effort = "high"

307sandbox_mode = "workspace-write"

308developer_instructions = """

309Reproduce the issue in the browser, capture exact steps, and report what the UI actually does.

310Use browser tooling for screenshots, console output, and network evidence.

311Do not edit application code.

312"""

313

314[mcp_servers.chrome_devtools]

315url = "http://localhost:3000/mcp"

316startup_timeout_sec = 20

317```

318

319`.codex/agents/ui-fixer.toml`:

320

321```toml

322name = "ui_fixer"

323description = "Implementation-focused agent for small, targeted fixes after the issue is understood."

324model = "gpt-5.3-codex-spark"

325model_reasoning_effort = "medium"

326developer_instructions = """

327Own the fix once the issue is reproduced.

328Make the smallest defensible change, keep unrelated files untouched, and validate only the behavior you changed.

329"""

330

331[[skills.config]]

332path = "/Users/me/.agents/skills/docs-editor/SKILL.md"

333enabled = false

334```

335

336This setup works well for prompts like:

337

338```text

339Investigate why the settings modal fails to save. Have browser_debugger reproduce it, code_mapper trace the responsible code path, and ui_fixer implement the smallest fix once the failure mode is clear.

340```

use-cases/api-integration-migrations.md +82 −0 added

Details

1# Upgrade your API integration | Codex use cases

3[← All use cases](https://developers.openai.com/codex/use-cases)

5Use Codex to update your existing OpenAI API integration to the latest recommended models and API features, while checking for regressions before you ship.

7Intermediate

91h

11Related links

13[Latest model guide](https://developers.openai.com/api/docs/guides/latest-model) [Prompt guidance](https://developers.openai.com/api/docs/guides/prompt-guidance) [OpenAI Docs MCP](/learn/docs-mcp) [Evals guide](https://developers.openai.com/api/docs/guides/evals)

15## Best for

17 - Teams upgrading from older models or API surfaces

18 - Repos that need behavior-preserving migrations with explicit validation

20## Skills & Plugins

22- [OpenAI Docs](https://github.com/openai/skills/tree/main/skills/.curated/openai-docs)

24 Pull the current model, migration, and API guidance before Codex makes edits to your implementation.

26## Starter prompt

28Use $openai-docs to upgrade this OpenAI integration to the latest recommended model and API features.

29Specifically, look for the latest model and prompt guidance for this specific model.

30 Requirements:

31- Start by inventorying the current models, endpoints, and tool assumptions in the repo.

32- Identify the smallest migration plan that gets us onto the latest supported path.

33 - Preserve behavior unless a change is required by the new API or model.

34 - Update prompts using the latest model prompt guidance.

35- Call out any prompt, tool, or response-shape changes we need to review manually.

37## Introduction

39As we release new models and API features, we recommend upgrading your integration to benefit from the latest improvements.

40Changing from one model to another is often not as simple as just updating the model name.

42There might be changes to the API–for example, for the GPT-5.4 model, we added a new `phase` parameter to the assistant message that is important to include in your integration–but most importantly, model behavior can be different and require changes to your existing prompts.

44When migrating to a new model, you should make sure to not only make the necessary code changes, but also evaluate the impact on your workflows.

46## Leverage the OpenAI Docs skill

48All the specifics about the new API features and model behavior are documented in our docs, in the [latest model](https://developers.openai.com/api/docs/guides/latest-model) and [prompt guidance](https://developers.openai.com/api/docs/guides/prompt-guidance) guides.

50The OpenAI Docs skill also includes [specific guidance](https://github.com/openai/codex/blob/6323f0104d17d211029faab149231ba787f7da37/codex-rs/skills/src/assets/samples/openai-docs/references/upgrading-to-gpt-5p4.md) as reference, codifying how to upgrade to the latest model–currently [GPT-5.4](https://developers.openai.com/api/docs/models/gpt-5.4).

52Codex now automatically comes with the OpenAI Docs skill, so make sure to mention it in your prompt to access all the latest documentation and guidance when building with the OpenAI API.

54## Build a robust evals pipeline

56Codex can automatically update your prompts based on the latest prompt guidance, but you should have a way to automate verifying your integration is working as expected.

58Make sure to build an evals pipeline that you can run every time you make changes to your integration, to verify there is no regression in behavior.

60This [cookbook guide](https://developers.openai.com/cookbook/examples/evaluation/building_resilient_prompts_using_an_evaluation_flywheel) covers in detail how to do this using our [Evals API](https://developers.openai.com/api/docs/guides/evals).

62## Related use cases

64[![](/images/codex/codex-wallpaper-1.webp)

66### Create browser-based games

68Use Codex to turn a game brief into first a well-defined plan, and then a real browser-based...

70Engineering Code](https://developers.openai.com/codex/use-cases/browser-games)[![](/images/codex/codex-wallpaper-1.webp)

72### Bring your app to ChatGPT

74Build one narrow ChatGPT app outcome end to end: define the tools, scaffold the MCP server...

76Integrations Code](https://developers.openai.com/codex/use-cases/chatgpt-apps)[![](/images/codex/codex-wallpaper-3.webp)

78### Build for iOS and macOS

80Use Codex to scaffold SwiftUI projects, keep the build loop CLI-first with `xcodebuild` or...

82Mobile Code](https://developers.openai.com/codex/use-cases/native-ios-macos-apps)

use-cases/browser-games.md +13 −0 added

Details

1# Create browser-based games | Codex use cases

3Need

5Backend stack

7Default options

9[Fastify](https://fastify.dev/) , WebSockets, [Postgres](https://www.postgresql.org/) , and [Redis](https://redis.io/)

11Why it's needed

13A strong default when the game needs persistence, matchmaking, leaderboards, or pub/sub.

use-cases/chatgpt-apps.md +13 −0 added

Details

1# Bring your app to ChatGPT | Codex use cases

3Need

5Widget framework

7Default options

9[React](https://react.dev/)

11Why it's needed

13A strong default for stateful widgets, especially when the UI needs filters, tables, or multi-step interaction.

use-cases/codebase-onboarding.md +77 −0 added

Details

1# Understand large codebases | Codex use cases

3[← All use cases](https://developers.openai.com/codex/use-cases)

5Use Codex to map unfamiliar codebases, explain different modules and data flow, and point you to the next files worth reading before you edit.

7Easy

95m

11Related links

13[Codex app](https://developers.openai.com/codex/app)

15## Best for

17 - New engineers onboarding to a new repo or service

18 - Anyone trying to understand how a feature works before changing it

20## Starter prompt

22Explain how the request flows through <name of the system area> in the codebase.

23 Include:

24 - which modules own what

25 - where data is validated

26 - the top gotchas to watch for before making changes

27 End with the files I should read next.

29## Introduction

31When you are new to a repo or dropped into an unfamiliar feature, Codex can help you get oriented before you start changing code. The goal is not just to get a high-level summary, but to map the request flow, understand which modules own what, and identify the next files worth reading.

33## How to use

35If you're new to a project, you can simply start by asking Codex to explain the whole codebase:

37Explain this repo to me

39If you need to contribute a new feature to an existing codebase, you can ask codex to explain a specific system area. The better you scope the request, the more concrete the explanation will be:

411. Give Codex the relevant files, directories, or feature area you are trying to understand.

422. Ask it to trace the request flow and explain which modules own the business logic, transport, persistence, or UI.

433. Ask where validation, side effects, or state transitions happen before you edit anything.

444. End by asking which files you should read next and what the risky spots are.

46A useful onboarding answer should leave you with a concrete map, not just a list of filenames. By the end, Codex should have explained the main flow, highlighted the risky parts, and pointed you to the next files or checks that matter before you start editing.

48## Questions to ask next

50Once Codex gives you a first pass, keep going until the explanation is specific enough that you would trust yourself to make the first edit. Good follow-up questions usually force it to call out assumptions, hidden dependencies, and the checks that matter after a change.

52- Which module owns the actual business logic versus the transport or UI layer?

53- Where does validation happen, and what assumptions are enforced there?

54- What related files or background jobs are easy to miss if I change this flow?

55- Which tests or checks should I run after editing this area?

57## Related use cases

59[![](/images/codex/codex-wallpaper-3.webp)

61### Iterate on difficult problems

63Give Codex an evaluation system, such as scripts and reviewable artifacts, so it can keep...

65Engineering Analysis](https://developers.openai.com/codex/use-cases/iterate-on-difficult-problems)[![](/images/codex/codex-wallpaper-1.webp)

67### Create browser-based games

69Use Codex to turn a game brief into first a well-defined plan, and then a real browser-based...

71Engineering Code](https://developers.openai.com/codex/use-cases/browser-games)[![](/images/codex/codex-wallpaper-2.webp)

73### Analyze datasets and ship reports

75Use Codex to clean data, join sources, explore hypotheses, model results, and package the...

77Data Analysis](https://developers.openai.com/codex/use-cases/datasets-and-reports)

use-cases/datasets-and-reports.md +13 −0 added

Details

1# Analyze datasets and ship reports | Codex use cases

3Need

5Analysis stack

7Default options

9[pandas](https://pandas.pydata.org/) with [matplotlib](https://matplotlib.org/) or [seaborn](https://seaborn.pydata.org/)

11Why it's needed

13Good defaults for import, profiling, joins, cleaning, and the first round of charts.

use-cases/figma-designs-to-code.md +13 −0 added

Details

1# Turn Figma designs into code | Codex use cases

3Need

5Design source

7Default options

9[Figma](https://www.figma.com/)

11Why it's needed

13A concrete frame or component selection keeps the implementation grounded.

use-cases/frontend-designs.md +110 −0 added

Details

1# Build responsive front-end designs | Codex use cases

3[← All use cases](https://developers.openai.com/codex/use-cases)

5Use Codex to translate screenshots and design briefs into code that matches the repo's design system, then use Playwright to compare the implementation to your references for different screen sizes and iterate until it looks right.

7Intermediate

91h

11Related links

13[Codex skills](https://developers.openai.com/codex/skills)

15## Best for

17 - Creating new front-end projects from scratch

18- Implementing already designed screens or flows from screenshots in an existing codebase

20## Skills & Plugins

22- [Playwright](https://github.com/openai/skills/tree/main/skills/.curated/playwright-interactive)

24 Open the app in a real browser to verify the implementation and iterate on layout and behavior.

26## Starter prompt

28Implement this UI in the current project using the screenshots and notes I provide as the source of truth.

29 Requirements:

30 - Reuse the existing design system components and tokens.

31- Translate the screenshots into this repo's utilities and component patterns instead of inventing a parallel system.

32 - Match spacing, layout, hierarchy, and responsive behavior closely.

33 - Respect the repo's routing, state, and data-fetch patterns.

34 - Make the page responsive on desktop and mobile.

35- If any screenshot detail is ambiguous, choose the simplest implementation that still matches the overall direction and note the assumption briefly.

36 Validation:

37- Compare the finished UI against the provided screenshots for both look and behavior.

38- Use $playwright-interactive to check that the UI matches the references and iterate as needed until it does.

40## Introduction

42When you have screenshots, a short design brief, or a few references for inspiration, Codex can turn those into responsive UI without ignoring the patterns already established in your project.

44With the Playwright skill, Codex can open the app in a real browser, compare the implementation to your screenshots for different screen sizes, and iterate on layout or behavior until the result is closer to the target.

46## Start from references

48Give Codex the clearest references you have for the UI you want. A single screenshot can be enough for a narrow task, but the handoff gets better when you include multiple states such as desktop and mobile layouts, hover or selected states, and any empty or loading views that matter.

50The references do not need to be perfect design deliverables. They just need to make the intended hierarchy, spacing, and direction concrete enough that Codex is not guessing.

52## Be specific

54The more specific you are about the expected interaction patterns and the style you want, the better the result will be.

55The model tends to default to high-frequency patterns and style so if it's not obvious from your references that you want something else, the UI might look generic.

56The more input you give, be it more reference inspiration or more specific instructions, the more you can expect to have a UI that stands out.

58## Prepare the design system

60Codex works best when the target repo already has a clear component layer. Codex can automatically use your existing component and design system instead of recreating them from scratch.

62If you think it's necessary (i.e. if you're not using a standard stack), specify to Codex which primitives to reuse, where your tokens live, and what the repo considers canonical for buttons, inputs, cards, typography, and icons.

64If you're starting from an existing codebase, it's very likely that Codex will understand on its own how to use your components and design system, but if starting from scratch, it's a good idea to be explicit.

66Ask Codex to treat the screenshots as a visual target but to translate that target into the project's actual utilities, component wrappers, color system, typography scale, spacing tokens, routing, state management, and data-fetch patterns.

68## Leverage Playwright

70Playwright is a great tool to help Codex iterate on the UI. With it, Codex can open the app in a real browser, compare the implementation to the screenshots you provided, and iterate on layout or behavior.

72It can resize the browser window to different screen sizes and check the layout at different breakpoints.

74Make sure you have the Playwright interactive skill enabled in Codex. For more details, see the [skills documentation](https://developers.openai.com/codex/skills).

76## Iterate

78The first pass should already be directionally close to the screenshots. For complex layouts, interactions, or animation-heavy UI, expect a few rounds of adjustment.

80Ask Codex to compare the implementation back to the screenshots, not just whether the page builds. When conflicts come up, it should prefer the repo's design-system tokens and only make minimal spacing or sizing adjustments needed to preserve the overall look of the design.

82Use additional screenshots or short notes if they help clarify states that are not obvious from one image.

84### Suggested follow-up prompt

86[current implementation image] [reference image]

87This doesn't look right. Make sure to implement something that matches closely the reference:

88[if needed, specify what is different]

90## Related use cases

92[![](/images/codex/codex-wallpaper-2.webp)

94### Turn Figma designs into code

96Use Codex to pull design context, assets, and variants from Figma, translate them into code...

98Front-end Design](https://developers.openai.com/codex/use-cases/figma-designs-to-code)[![](/images/codex/codex-wallpaper-3.webp)

100### Generate slide decks

101

102Use Codex to update existing presentations or build new decks by editing slides directly...

103

104Data Workflow](https://developers.openai.com/codex/use-cases/generate-slide-decks)[![](/images/codex/codex-wallpaper-1.webp)

105

106### Create browser-based games

107

108Use Codex to turn a game brief into first a well-defined plan, and then a real browser-based...

109

110Engineering Code](https://developers.openai.com/codex/use-cases/browser-games)

use-cases/generate-slide-decks.md +145 −0 added

Details

1# Generate slide decks | Codex use cases

3[← All use cases](https://developers.openai.com/codex/use-cases)

5Use Codex to update existing presentations or build new decks by editing slides directly through code, generating visuals, and applying repeatable layout rules slide by slide.

7Easy

930m

11Related links

13[Image generation guide](https://developers.openai.com/api/docs/guides/image-generation)

15## Best for

17 - Teams turning notes or structured inputs into repeatable slide decks

18 - Creating new visual presentations from scratch

19- Rebuilding or extending decks from screenshots, PDFs, or reference presentations

21## Skills & Plugins

23- [Slides](https://github.com/openai/skills/tree/main/skills/.curated/slides)

25 Create and edit `.pptx` decks in JavaScript with PptxGenJS, bundled helpers, and render and validation scripts for overflow, overlap, and font checks.

26- [ImageGen](https://github.com/openai/skills/tree/main/skills/.curated/imagegen)

28 Generate illustrations, cover art, diagrams, and slide visuals that match one reusable visual direction.

30## Starter prompt

32Use $slides with $imagegen to edit this slide deck in the following way:

33 - If present, add logo.png in the bottom right corner on every slide

34- On slides X, Y and Z, move the text to the left and use image generation to generate an illustration (style: abstract, digital art) on the right

35- Preserve text as text and simple charts as native PowerPoint charts where practical.

36 - Add these slides: [describe new slides here]

37- Use the existing branding on new slides and new text (colors, fonts, layout, etc.)

38- Render the updated deck to slide images, review the output, and fix layout issues before delivery.

39- Run overflow and font-substitution checks before delivery, especially if the deck is dense.

40- Save reusable prompts or generation notes when you create a batch of related images.

41 Output:

42 - A copy of the slide deck with the changes applied

43 - notes on which slides were generated, rewritten, or left unchanged

45## Introduction

47You can use Codex to manipulate PowerPoint decks in a systematic way, using the Slides skill to create and edit decks with PptxGenJS, and using image generation to generate visuals for the slides.

49Skills can be installed directly from the Codex app–see our [skills documentation](https://developers.openai.com/codex/skills) for more details.

51You can create new decks from scratch, describing what you want, but the ideal workflow is to start from an existing deck–already set up with your branding guidelines–and ask Codex to edit it.

53## Start from the source deck and references

55If a deck already exists, ask Codex to inspect it before making changes.

57The slides skill is opinionated here: match the source aspect ratio before you rebuild layout, and default to 16:9 only when the source material does not already define the deck size. If the references are screenshots or a PDF, ask Codex to render or inspect them first so it can compare slide geometry visually instead of guessing.

59## Keep the deck editable

61When building out new slides, ask Codex to keep the slides editable: when slides contain text, charts, or simple layout elements, those should stay PowerPoint-native when practical. Text should stay text. Simple bar, line, pie, and histogram visuals should stay native charts when possible. For diagrams or visuals that are too custom for native slide objects, Codex can generate or place SVG and image assets deliberately instead of rasterizing the whole slide.

63For example, if you want to build a complex timeline with illustrations, instead of generating a whole image, ask Codex to generate each illustration separately (using a set style prompt as reference), place them on the slide, then link them using native lines. The text and dates should be text objects as well, and not included in the illustrations.

65## Generate visuals intentionally

67Image generation is most useful when the slides need a cover image, a concept illustration, or a lightweight diagram that would otherwise take manual design work. Ask Codex to define the visual direction first, then reuse that direction consistently across the whole deck.

69When several slides need related visuals, have Codex save the prompts or generation notes it used. That makes the deck easier to extend later without starting over stylistically.

71## Keep slide logic explicit

73Deck automation works better when Codex treats each slide as its own decision. Some slides should preserve exact copy, some need a stronger headline and cleaner structure, and some should stay mostly untouched apart from asset cleanup or formatting fixes.

75The slides skill also ships with bundled layout helpers. Ask Codex to copy those helpers into the working directory and reuse them instead of reimplementing spacing, text-sizing, and image-placement logic on every deck.

77## Validation before delivery

79Decks are easy to get almost right and still ship with clipped text, substituted fonts, or layout drift that only shows up after export. The slides skill includes scripts to render decks to per-slide PNGs, build a quick montage for review, detect overflow beyond the slide canvas, and report missing or substituted fonts.

81Ask Codex to use those checks before it hands back the final deck, especially when slides are dense or margins are tight.

83## Example ideas

85Here are some ideas you could try with this use case:

87### New deck from scratch

89You can create new slide decks from scratch, describing what you want slide by slide and the overall vibe.

90If you have assets like logos or images, you can copy them in the same folder so that Codex can easily access them.

92Create a new slide deck with the following slides:

93- Slide 1: Title slide with the company logo (logo.png) and the title of the presentation

94- Slide 2: Agenda slide with the key points of the presentation

95- Slide 3: [TITLE] [TAGLINE] [DESCRIPTION]

96- ...

97- Slide N: Conclusion slide with the key takeaways

98- Slide N+1: Q&A slide with my picture (my-picture.png)

100### Deck template update

101

102You can update a deck template on a regular basis (weekly, monthly, quarterly, etc.) with new content.

103If you're doing this frequently, create a file like `guidelines.md` to define the content and structure of the deck and how it should be updated.

104

105Combine it with other skills to fetch information from your preferred data

106 sources.

107

108For example, if you need to give quarterly updates to your stakeholders, you can update the deck template with new numbers and insights.

109

110Update the deck template, pulling content from [integration 1] and [integration 2].

111Make sure to follow guidelines defined in guidelines.md.

112

113### Adjust existing deck

114

115If you built a deck but want to adjust it to fix spacing, misaligned text, or other layout issues, you can ask Codex to fix it.

116

117Adjust the deck to make sure the following layout rules are followed:

118- Spacing should be consistent when there are multiple items on the same slide displayed in a row or grid.

119- When there are multiple items on the same slide displayed in a row or grid, the items are aligned horizontally or vertically depending on the content.

120- All text boxes should be aligned left, except when they are below an illustration

121- All titles should use the font [font name] and size [size]

122- All captions should be in [color]

123- ....

124

125## Related use cases

126

127[![](/images/codex/codex-wallpaper-2.webp)

128

129### Kick off coding tasks from Slack

130

131Mention `@Codex` in Slack to start a task tied to the right repo and environment, then...

132

133Integrations Workflow](https://developers.openai.com/codex/use-cases/slack-coding-tasks)[![](/images/codex/codex-wallpaper-2.webp)

134

135### Analyze datasets and ship reports

136

137Use Codex to clean data, join sources, explore hypotheses, model results, and package the...

138

139Data Analysis](https://developers.openai.com/codex/use-cases/datasets-and-reports)[![](/images/codex/codex-wallpaper-2.webp)

140

141### Build responsive front-end designs

142

143Use Codex to translate screenshots and design briefs into code that matches the repo's...

144

145Front-end Design](https://developers.openai.com/codex/use-cases/frontend-designs)

use-cases/github-code-reviews.md +75 −0 added

Details

1# Review pull requests faster | Codex use cases

3[← All use cases](https://developers.openai.com/codex/use-cases)

5Use Codex in GitHub to automatically surface regressions, missing tests, and documentation issues directly on a pull request.

7Easy

95s

11Related links

13[Use Codex in GitHub](https://developers.openai.com/codex/integrations/github) [Custom instructions with AGENTS.md](https://developers.openai.com/codex/guides/agents-md)

15## Best for

17 - Teams that want another review signal before human merge approval

18 - Large codebases for projects in production

20## Skills & Plugins

22- [Security Best Practices](https://github.com/openai/skills/tree/main/skills/.curated/security-best-practices)

24 Focus the review on risky surfaces such as secrets, auth, and dependency changes.

26## Starter prompt

28@codex review for security regressions, missing tests, and risky behavior changes.

30## How to use

32Start by adding Codex code review to your GitHub organization or repository. See [Use Codex in GitHub](https://developers.openai.com/codex/integrations/github) for more details.

34You can set up Codex to automatically review every pull request, or you can request a review with `@codex review` in a pull request comment.

36If Codex flags a regression or potential issue, you can ask it to fix it by commenting on the pull request with a follow-up prompt like `@codex fix it`.

38This will start a new cloud task that will fix the issue and update the pull request.

40## Define additional guidance

42To customize what Codex reviews, add or update a top-level `AGENTS.md` with a section like this:

44```md

45## Review guidelines

47- Flag typos and grammar issues as P0 issues.

48- Flag potential missing documentation as P1 issues.

49- Flag missing tests as P1 issues.

50 ...

51```

53Codex applies guidance from the closest `AGENTS.md` to each changed file. You can place more specific instructions deeper in the tree when particular packages need extra scrutiny.

55## Related use cases

57[![](/images/codex/codex-wallpaper-1.webp)

59### Bring your app to ChatGPT

61Build one narrow ChatGPT app outcome end to end: define the tools, scaffold the MCP server...

63Integrations Code](https://developers.openai.com/codex/use-cases/chatgpt-apps)[![](/images/codex/codex-wallpaper-3.webp)

65### Generate slide decks

67Use Codex to update existing presentations or build new decks by editing slides directly...

69Data Workflow](https://developers.openai.com/codex/use-cases/generate-slide-decks)[![](/images/codex/codex-wallpaper-2.webp)

71### Kick off coding tasks from Slack

73Mention `@Codex` in Slack to start a task tied to the right repo and environment, then...

75Integrations Workflow](https://developers.openai.com/codex/use-cases/slack-coding-tasks)

use-cases/iterate-on-difficult-problems.md +136 −0 added

Details

1# Iterate on difficult problems | Codex use cases

3[← All use cases](https://developers.openai.com/codex/use-cases)

5Give Codex an evaluation system, such as scripts and reviewable artifacts, so it can keep improving a hard task until the scores are good enough.

7Advanced

9Long-running

11Related links

13[Custom instructions with AGENTS.md](https://developers.openai.com/codex/guides/agents-md) [Codex workflows](https://developers.openai.com/codex/workflows)

15## Best for

17- Problems where each iteration can be scored, but the best result usually takes many passes

18- Tasks with visual or subjective outputs that need both deterministic checks and an LLM-as-a-judge score

19- Long-running Codex sessions where you want progress tracked clearly instead of relying on context

21## Starter prompt

23I have a difficult task in this workspace and I want you to run it as an eval-driven improvement loop.

24 Before changing anything:

25 - Read `AGENTS.md`.

26 - Find the script or command that scores the current output.

27 Iteration loop:

28 - Make one focused improvement at a time.

29 - Re-run the eval command after each meaningful change.

30 - Log the scores and what changed.

31- Inspect generated artifacts directly. If the output is visual, use `view\_image`.

32 - Keep going until both the overall score and the LLM average are above 90%.

33 Constraints:

34 - Do not stop at the first acceptable result.

35- Do not revert to an earlier version unless the new result is clearly worse in scores or artifacts.

36- If the eval improves but is still below target, explain the bottleneck and continue.

37 Output:

38 - current best scores

39 - log of major iterations

40 - remaining risks or weak spots

42## Introduction

44Some tasks are easy to verify in one shot: the build passes, the tests go green, and you are done. But there are some optimization problems that are difficult to solve, and need many iterations with a tight evaluation loop. To know which direction to go in, Codex needs to inspect the current output, score it, decide the next change, and repeat until the result is actually good.

46This type of use case pairs well with a custom UI that lets you inspect progress visually, by having Codex log the outputs and generated artifacts for each iteration.

47You can watch Codex continue working in the app while the target artifact, model output, or generated asset keeps improving.

48The key is to give Codex the necessary scripts to generate the evaluation metrics and the artifacts to inspect.

50## Start with evals

52Before the task begins, define how success will be measured. The best setup usually combines:

54- **Deterministic checks:** things the scripts can score directly, such as constraint violations or deterministic metrics computed with code

55- **LLM-as-a-judge checks:** rubric-based scores for qualities that are harder to encode exactly, such as resemblance, readability, usefulness, or overall quality - this can rely on text or image outputs

57If the subjective part matters, give Codex a script that can call a model for example using the [Responses API](https://developers.openai.com/api/reference/resources/responses/methods/create) and return structured scores. The point is not to replace deterministic checks, it's to supplement them with a consistent judge for the part humans would otherwise assess by eye.

59The loop works best when the eval output is machine-readable, saved after every run, and easy to compare over time.

61**Tip**: Ask Codex to generate the evaluation script for you, describing the

62 checks you want to run.

64## Give Codex a stopping rule

66Hard tasks often drift because the prompt says “keep improving” without saying when to stop. Make the stopping rule explicit.

68A practical pattern is:

701. Set a target for the overall score.

712. Set a separate target for the LLM-judge average.

723. Tell Codex to continue until both are above the threshold, not just one.

74For example, if the goal is a high-quality artifact, ask Codex to keep going until both the overall score and the LLM average are above 90%. That makes the task legible: Codex can tell whether it is still below target, where the gap is, and whether the latest change helped.

76## Keep a running log of the loop

78Long-running work is much more reliable when Codex keeps notes about the loop instead of trying to remember everything from the thread.

80That running log should record:

82- the current best scores

83- what changed on the last iteration

84- what the eval said got better or worse

85- what Codex plans to try next

87This is especially important when the task runs for a long time. The log becomes the handoff point for the next session and the self-evaluation record for the current one.

89## Inspect the artifact, not just the logs

91For some difficult tasks, the code diff and metric output are not enough. Codex should look at the artifact it produced.

93If the output is visual, such as a generated image, layout, or rendered state, let Codex inspect that artifact directly, for example when the output lives on disk as an image and compare the current result to the prior best result or to the intended rubric.

95This makes the loop stronger:

97- the eval script reports the score

98- the artifact shows what the score missed

99- the next change is grounded in both

100

101That combination is much more effective than changing code blindly between runs.

102

103## Make every iteration explicit

104

105Ask Codex to follow the same loop every time:

106

1071. Run the evals on the current baseline.

1082. Identify the biggest failure mode from the scores and artifacts.

1093. Make one focused change that addresses that bottleneck.

1104. Re-run the evals.

1115. Log the new scores and whether the change helped.

1126. Continue until the thresholds are met.

113

114This discipline matters. If each iteration changes too many things at once, Codex cannot tell which idea improved the score. If it skips logging, the session becomes hard to trust and hard to resume.

115

116## Related use cases

117

118[![](/images/codex/codex-wallpaper-1.webp)

119

120### Understand large codebases

121

122Use Codex to map unfamiliar codebases, explain different modules and data flow, and point...

123

124Engineering Analysis](https://developers.openai.com/codex/use-cases/codebase-onboarding)[![](/images/codex/codex-wallpaper-1.webp)

125

126### Create browser-based games

127

128Use Codex to turn a game brief into first a well-defined plan, and then a real browser-based...

129

130Engineering Code](https://developers.openai.com/codex/use-cases/browser-games)[![](/images/codex/codex-wallpaper-2.webp)

131

132### Analyze datasets and ship reports

133

134Use Codex to clean data, join sources, explore hypotheses, model results, and package the...

135

136Data Analysis](https://developers.openai.com/codex/use-cases/datasets-and-reports)

use-cases/native-ios-macos-apps.md +13 −0 added

Details

1# Build for iOS and macOS | Codex use cases

3Need

5Project automation

7Default options

9[XcodeBuildMCP](https://www.xcodebuildmcp.com/)

11Why it's needed

13A strong option once you need Codex to inspect schemes and targets, launch the app, capture screenshots, and keep iterating without leaving the agentic loop.

use-cases/slack-coding-tasks.md +59 −0 added

Details

1# Kick off coding tasks from Slack | Codex use cases

3[← All use cases](https://developers.openai.com/codex/use-cases)

5Mention `@Codex` in Slack to start a task tied to the right repo and environment, then review the result back in the thread or in Codex cloud.

7Easy

95m

11Related links

13[Use Codex in Slack](https://developers.openai.com/codex/integrations/slack) [Codex cloud environments](https://developers.openai.com/codex/cloud/environments)

15## Best for

17- Async handoffs that start in a Slack thread and already have enough context to act on

18- Teams that want quick issue triage, bug fixes, or scoped implementation work without context switching

20## Starter prompt

22@Codex analyze the issue mentioned in this thread and implement a fix in <name of your environment>.

24## How to use

261. Install the Slack app, connect the right repositories and environments, and add `@Codex` to the channel.

272. Mention `@Codex` in a thread with a clear request, constraints, and the outcome you want.

283. Open the task link, review the result, and continue the follow-up in Slack if the task needs another pass.

30You can learn more about how to use Codex in Slack in the [dedicated guide](https://developers.openai.com/codex/integrations/slack).

32## Tips

34- If the thread does not already include enough context or suggested fix, include in your prompt some guidance

35- Make sure the repo and environment mapping are correct by mentioning the name of the project or environment in your prompt

36- Scope the request so Codex can finish it without a second planning loop

37- If your project is a large codebase, guide Codex by mentioning which files or folders are relevant to the task

39## Related use cases

41[![](/images/codex/codex-wallpaper-3.webp)

43### Generate slide decks

45Use Codex to update existing presentations or build new decks by editing slides directly...

47Data Workflow](https://developers.openai.com/codex/use-cases/generate-slide-decks)[![](/images/codex/codex-wallpaper-2.webp)

49### Analyze datasets and ship reports

51Use Codex to clean data, join sources, explore hypotheses, model results, and package the...

53Data Analysis](https://developers.openai.com/codex/use-cases/datasets-and-reports)[![](/images/codex/codex-wallpaper-1.webp)

55### Bring your app to ChatGPT

57Build one narrow ChatGPT app outcome end to end: define the tools, scaffold the MCP server...

59Integrations Code](https://developers.openai.com/codex/use-cases/chatgpt-apps)

windows.md +189 −13

Details

1# Windows1# Windows

2 2

3The easiest way to use Codex on Windows is to use the [Codex app](https://developers.openai.com/codex/app/windows). You can also [set up the IDE extension](https://developers.openai.com/codex/ide) or [install the CLI](https://developers.openai.com/codex/cli) and run it from PowerShell.3Use Codex on Windows with the native [Codex app](https://developers.openai.com/codex/app/windows), the

4[CLI](https://developers.openai.com/codex/cli), or the [IDE extension](https://developers.openai.com/codex/ide).

4 5

5[![](/images/codex/codex-banner-icon.webp)6[![](/images/codex/codex-banner-icon.webp)

6 7

8 9

9Work across projects, run parallel agent threads, and review results in one place with the native Windows app.](https://developers.openai.com/codex/app/windows)10Work across projects, run parallel agent threads, and review results in one place with the native Windows app.](https://developers.openai.com/codex/app/windows)

10 11

11When you run Codex natively on Windows, agent mode uses a [Windows sandbox](#windows-sandbox) to block filesystem writes outside the working folder and prevent network access without your explicit approval. [Learn more below](#windows-sandbox).12Depending on the surface and your setup, Codex can run on Windows in three

13practical ways:

12 14

~~13If you prefer to have Codex use [Windows Subsystem for Linux](https://learn.microsoft.com/en-us/windows/wsl/install) (WSL2), [read the instructions](#windows-subsystem-for-linux) below.~~15- natively on Windows with the stronger `elevated` sandbox,

16- natively on Windows with the fallback `unelevated` sandbox,

17- or inside [Windows Subsystem for Linux](https://learn.microsoft.com/en-us/windows/wsl/install) (WSL), which uses the Linux sandbox implementation.

14 18

15## Windows sandbox19## Windows sandbox

16 20

~~17Native Windows sandbox support includes two modes that you can configure in `config.toml`:~~21When you run Codex natively on Windows, agent mode uses a Windows sandbox to

22block filesystem writes outside the working folder and prevent network access

23without your explicit approval.

18 24

~~19```~~25Native Windows sandbox support includes two modes that you can configure in

26`config.toml`:

28```toml

20[windows]29[windows]

~~21sandbox = "unelevated" # or "elevated"~~30sandbox = "elevated" # or "unelevated"

22```31```

23 32

~~24How `elevated` mode works:~~33`elevated` is the preferred native Windows sandbox. It uses dedicated

34lower-privilege sandbox users, filesystem permission boundaries, firewall

35rules, and local policy changes needed for sandboxed command execution.

37`unelevated` is the fallback native Windows sandbox. It runs commands with a

38restricted Windows token derived from your current user, applies ACL-based

39filesystem boundaries, and uses environment-level offline controls instead of

40the dedicated offline-user firewall rule. It is weaker than `elevated`, but it

41is still useful when administrator-approved setup is blocked by local or

42enterprise policy.

25 43

~~26- Uses a Restricted Token approach with filesystem ACLs to limit which files the sandbox can write to.~~44If both modes are available, use `elevated`. If the default native sandbox

~~27- Runs commands as a dedicated Windows Sandbox User.~~45doesn't work in your environment, use `unelevated` as a fallback while you

~~28- Limits network access by installing Windows Firewall rules.~~46troubleshoot the setup.

48By default, both sandbox modes also use a private desktop for stronger UI

49isolation. Set `windows.sandbox_private_desktop = false` only if you need the

50older `Winsta0\\Default` behavior for compatibility.

29 51

30### Sandbox permissions52### Sandbox permissions

31 53

37 Codex attempt to solve problems without asking for escalated permissions,59 Codex attempt to solve problems without asking for escalated permissions,

38 based on your [approval and security setup](https://developers.openai.com/codex/agent-approvals-security).60 based on your [approval and security setup](https://developers.openai.com/codex/agent-approvals-security).

39 61

62### Windows version matrix

64| Windows version | Support level | Notes |

65| -------------------------------- | --------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |

66| Windows 11 | Recommended | Best baseline for Codex on Windows. Use this if you are standardizing an enterprise deployment. |

67| Recent, fully updated Windows 10 | Best effort | Can work, but is less reliable than Windows 11. For Windows 10, Codex depends on modern console support, including ConPTY. In practice, Windows 10 October 2018 Update or newer is required. |

68| Older Windows 10 builds | Not recommended | More likely to miss required console components such as ConPTY and more likely to fail in enterprise setups. |

70Additional environment assumptions:

72- `winget` should be available. If it is missing, update Windows or install

73 the Windows Package Manager before setting up Codex.

74- The recommended native sandbox depends on administrator-approved setup.

75- Some enterprise-managed devices block the required setup steps even when the

76 OS version itself is acceptable.

40### Grant sandbox read access78### Grant sandbox read access

41 79

42When a command fails because the Windows sandbox can't read a directory, use:80When a command fails because the Windows sandbox can't read a directory, use:

47 85

48The path must be an existing absolute directory. After the command succeeds, later commands that run in the sandbox can read that directory during the current session.86The path must be an existing absolute directory. After the command succeeds, later commands that run in the sandbox can read that directory during the current session.

49 87

88We recommend using the native Windows sandbox by default. The native Windows sandbox will offer the best perfomance and highest speeds while keeping the same security. Choose WSL when you

89need a Linux-native environment on Windows, when your workflow already lives in

90WSL, or when neither native Windows sandbox mode meets your needs.

50## Windows Subsystem for Linux92## Windows Subsystem for Linux

51 93

94If you choose WSL, Codex runs inside the Linux environment instead of using the

95native Windows sandbox. This is useful if you need Linux-native tooling on

96Windows, if your repositories and developer workflow already live in WSL, or

97if neither native Windows sandbox mode works for your environment.

52### Launch VS Code from inside WSL99### Launch VS Code from inside WSL

53 100

54For step-by-step instructions, see the [official VS Code WSL tutorial](https://code.visualstudio.com/docs/remote/wsl-tutorial).101For step-by-step instructions, see the [official VS Code WSL tutorial](https://code.visualstudio.com/docs/remote/wsl-tutorial).

84 `WSL: Reopen Folder in WSL`, and keep your repository under `/home/...` (not131 `WSL: Reopen Folder in WSL`, and keep your repository under `/home/...` (not

85 `C:\`) for best performance.132 `C:\`) for best performance.

86 133

134If the Windows app or project picker does not show your WSL repository, type

135`\wsl$` into the file picker or Explorer, then navigate to your

136 distro's home directory.

137

87### Use Codex CLI with WSL138### Use Codex CLI with WSL

88 139

89Run these commands from an elevated PowerShell or Windows Terminal:140Run these commands from an elevated PowerShell or Windows Terminal:

124 175

125## Troubleshooting and FAQ176## Troubleshooting and FAQ

126 177

127#### Installed extension, but it’s unresponsive178If you are troubleshooting a managed Windows machine, start with the native

179sandbox mode, Windows version, and any policy error shown by Codex. Most native

180Windows support issues come from sandbox setup, logon rights, or filesystem

181permissions rather than from the editor itself.

182

183My native sandbox setup failed

184

185If Codex cannot complete the `elevated` sandbox setup, the most common causes

186are:

187

188- the Windows UAC or administrator prompt was declined,

189- the machine does not allow local user or group creation,

190- the machine does not allow firewall rule changes,

191- the machine blocks the logon rights needed by the sandbox users,

192- or another enterprise policy blocks part of the setup flow.

193

194What to try:

195

1961. Try the `elevated` sandbox setup again and approve the administrator prompt

197 if your environment allows it.

1982. If your company laptop blocks this, ask your IT team whether the machine

199 allows administrator-approved setup for local user/group creation, firewall

200 configuration, and the required sandbox-user logon rights.

2013. If the default setup still fails, use the `unelevated` sandbox so you can

202 continue working while the issue is investigated.

203

204Codex switched me to the unelevated sandbox

205

206This means Codex could not finish the stronger `elevated` sandbox setup on your

207machine.

208

209- Codex can still run in a sandboxed mode.

210- It still applies ACL-based filesystem boundaries, but it does not use the

211 separate sandbox-user boundary from `elevated` and has weaker network

212 isolation.

213- This is a useful fallback, but not the preferred long-term enterprise

214 configuration.

215

216If you are on a managed enterprise laptop, the best long-term fix is usually to

217get the `elevated` sandbox working with help from your IT team.

218

219I see Windows error 1385

220

221If sandboxed commands fail with error `1385`, Windows is denying the logon type

222the sandbox user needs in order to start the command.

223

224In practice, this usually means Codex created the sandbox users successfully,

225but Windows policy is still preventing those users from launching sandboxed

226commands.

227

228What to do:

229

2301. Ask your IT team whether the device policy grants the required logon rights

231 to the Codex-created sandbox users.

2322. Compare group policy or OU differences if the issue affects only some

233 machines or teams.

2343. If you need to keep working immediately, use the `unelevated` sandbox while

235 the policy issue is investigated.

2364. Send `CODEX_HOME/.sandbox/sandbox.log` along with your Windows version and a

237 short description of the failure.

238

239Codex warns that some folders are writable by Everyone

240

241Codex may warn that some folders are writable by `Everyone`.

242

243If you see this warning, Windows permissions on those folders are too broad for

244the sandbox to fully protect them.

245

246What to do:

247

2481. Review the folders Codex lists in the warning.

2492. Remove `Everyone` write access from those folders if that is appropriate in

250 your environment.

2513. Restart Codex or re-run the sandbox setup after those permissions are

252 corrected.

253

254If you are not sure how to change those permissions, ask your IT team for help.

255

256Sandboxed commands cannot reach the network

257

258Some Codex tasks are intentionally run without outbound network access,

259depending on the permissions mode in use.

260

261If a task fails because it cannot reach the network:

262

2631. Check whether the task was supposed to run with network disabled.

2642. If you expected network access, restart Codex and try again.

2653. If the issue keeps happening, collect the sandbox log so the team can check

266 whether the machine is in a partial or broken sandbox state.

267

268Sandboxing worked before and then stopped

269

270This can happen after:

271

272- moving a repo or workspace,

273- changing machine permissions,

274- changing Windows policies,

275- or other system configuration changes.

276

277What to try:

278

2791. Restart Codex.

2802. Try the `elevated` sandbox setup again.

2813. If that does not fix it, use the `unelevated` sandbox as a temporary

282 fallback.

2834. Collect the sandbox log for review.

284

285I need to send diagnostics to OpenAI

286

287If you still have problems, send:

288

289- `CODEX_HOME/.sandbox/sandbox.log`

290

291It is also helpful to include:

292

293- a short description of what you were trying to do,

294- whether the `elevated` sandbox failed or the `unelevated` sandbox was used,

295- any error message shown in the app,

296- whether you saw `1385` or another Windows or PowerShell error,

297- and whether you are on Windows 11 or Windows 10.

298

299Do not send:

300

301- the contents of `CODEX_HOME/.sandbox-secrets/`

302

303The IDE extension is installed but unresponsive

128 304

129Your system may be missing C++ development tools, which some native dependencies require:305Your system may be missing C++ development tools, which some native dependencies require:

130 306

134 310

135Then fully restart VS Code after installation.311Then fully restart VS Code after installation.

136 312

137#### If it feels slow on large repositories313Large repositories feel slow in WSL

138 314

139- Make sure you’re not working under `/mnt/c`. Move the repository to WSL (for example, `~/code/…`).315- Make sure you’re not working under `/mnt/c`. Move the repository to WSL (for example, `~/code/…`).

140- Increase memory and CPU for WSL if needed; update WSL to the latest version:316- Increase memory and CPU for WSL if needed; update WSL to the latest version:

144 wsl --shutdown320 wsl --shutdown

145 ```321 ```

146 322

147#### VS Code in WSL can’t find `codex`323VS Code in WSL cannot find codex

148 324

149Verify the binary exists and is on PATH inside WSL:325Verify the binary exists and is on PATH inside WSL:

150 326

OpenAI - Codex Docs Changes 2026-03-13 00:34 UTC → 2026-03-31 06:35 UTC