rules.md Codex Docs, 2026-02-20 12:16 UTC → 2026-05-01 18:29 UTC

6 6 

7## Create a rules file7## Create a rules file

8 8 

91. Create a `.rules` file under `./codex/rules/` (for example, `~/.codex/rules/default.rules`).91. Create a `.rules` file under a `rules/` folder next to an active config layer (for example, `~/.codex/rules/default.rules`).

102. Add a rule. This example prompts before allowing `gh pr view` to run outside the sandbox.102. Add a rule. This example prompts before allowing `gh pr view` to run outside the sandbox.

11 11 

12 ```python12 ```python

36 ```36 ```

373. Restart Codex.373. Restart Codex.

38 38 

39Codex scans `rules/` under every [Team Config](https://developers.openai.com/codex/enterprise/admin-setup#team-config) location at startup. When you add a command to the allow list in the TUI, Codex writes to the user layer at `~/.codex/rules/default.rules` so future runs can skip the prompt.39Codex scans `rules/` under every active config layer at startup, including [Team Config](https://developers.openai.com/codex/enterprise/admin-setup#team-config) locations and the user layer at `~/.codex/rules/`. Project-local rules under `<repo>/.codex/rules/` load only when the project `.codex/` layer is trusted.

40 

41When you add a command to the allow list in the TUI, Codex writes to the user layer at `~/.codex/rules/default.rules` so future runs can skip the prompt.

40 42 

41When Smart approvals are enabled (the default), Codex may propose a43When Smart approvals are enabled (the default), Codex may propose a

42`prefix_rule` for you during escalation requests. Review the suggested prefix44`prefix_rule` for you during escalation requests. Review the suggested prefix

43carefully before accepting it.45carefully before accepting it.

44 46 

45Admins can also enforce restrictive `prefix_rule` entries from47Admins can also enforce restrictive `prefix_rule` entries from

46[`requirements.toml`](https://developers.openai.com/codex/security#admin-enforced-requirements-requirementstoml).48[`requirements.toml`](https://developers.openai.com/codex/enterprise/managed-configuration#admin-enforced-requirements-requirementstoml).

47 49 

48## Understand rule fields50## Understand rule fields

49 51