Codex CLI

★ New
trial
AI / ML vendor Apache-2.0 commercial

At a Glance

OpenAI's open-source terminal AI coding agent with OS-level sandboxing, subagent delegation, and AGENTS.md support.

  • Type: vendor
  • Pricing: commercial
  • License: Apache-2.0
  • Adoption fit: small, medium, enterprise
What It Does

Codex CLI is OpenAI’s open-source (Apache-2.0) terminal-based AI coding agent. It runs locally on the developer’s machine and can read, edit, and execute code against real repositories in an interactive loop. The agent combines local execution with OpenAI’s hosted models (o3, o4-mini, GPT-5-Codex), making it one of the few open-source agents with a first-party optimized model behind it.

The codebase was fully rewritten from TypeScript to Rust (v0.98.0 onward), improving performance and enabling the OS-level sandboxing that restricts agent actions to the current workspace by default. Codex CLI supports MCP servers, AGENTS.md project instructions, subagent workflows, and enterprise proxy configurations, positioning it as a direct terminal-based competitor to Claude Code.

Key Features

  • Approval modes: Three modes — suggest (read-only, proposes changes for approval), auto-edit (edits files without prompting, asks before shell commands), and full-auto (executes everything autonomously within sandbox)
  • OS-enforced sandboxing: Restricts file access to the current working directory by default; network access is blocked unless explicitly permitted
  • AGENTS.md project instructions: Reads per-repo configuration from AGENTS.md, with closest-ancestor file taking precedence; compatible with 60,000+ open-source projects and tools like Cursor, Copilot, Gemini CLI, and Aider
  • Subagent delegation: Spawns bounded child agent sessions for parallel task execution; each subagent gets a fresh context window for context isolation
  • MCP client support: Configures STDIO and streaming HTTP MCP servers for tool integration
  • GPT-5-Codex model: Purpose-fine-tuned version of GPT-5 optimized for agentic coding; trained specifically for software engineering tasks
  • Enterprise features (v0.116.0+): Custom CA certificates for corporate firewalls, structured network policies, hooks system for prompt interception and auditing
  • GitHub integration: Codex Action for CI workflows; codex-action for triggering agent tasks on PRs and issues
  • Rust codebase: Rewritten from TypeScript for performance and native OS sandboxing

Use Cases

  • Local repository iteration: Interactive terminal sessions for reading, editing, and testing code across a real codebase
  • Parallel task execution: Spawning subagents to handle independent work streams (e.g., finding symbol definitions while writing tests)
  • CI-integrated code changes: Using codex-action to have the agent apply fixes or implement features triggered by GitHub events
  • Enterprise-controlled coding: Organizations needing AGENTS.md-based policy control, proxy support, and audit hooks over developer AI tool usage
  • Offline-capable development: Local-first execution with Ollama or local model backends (via open-source fork configurations)

Adoption Level Analysis

Small teams (<20 engineers): Good fit. The license is Apache-2.0, no infrastructure is needed beyond an OpenAI API key, and the default sandboxed auto-edit mode is safe enough for individual use. The suggest mode provides training wheels for teams new to agentic coding. Cost is per-token via the OpenAI API.

Medium orgs (20-200 engineers): Good fit with governance. AGENTS.md provides a mechanism for encoding team conventions at the repo level. The v0.116.0 enterprise hooks system enables prompt auditing, which helps compliance-conscious teams. The main gap is centralized policy management — each repo needs its own AGENTS.md, and there is no org-level configuration system.

Enterprise (200+ engineers): Emerging fit. Enterprise proxy support (v0.116.0) unblocks corporate firewall environments. The hooks system enables audit logging. However, enterprise-grade governance (RBAC, centralized policy, multi-tenant isolation, access control to specific models) is not yet built in. Teams needing that level of control should evaluate Claude Code Enterprise or pair Codex CLI with a gateway like Portkey or LiteLLM.

Alternatives

| Alternative | Key Difference | Prefer when… |
|---|---|---|
| Claude Code | Anthropic-only, tighter Claude integration, Auto-Dream memory | You primarily use Claude models and want the best-in-class Claude experience |
| Gemini CLI | Google/Gemini models, 1M token context, free tier | You need very long context windows or want a free tier for exploration |
| OpenCode | Multi-provider, open-source, TUI + desktop app, no first-party model | You need provider flexibility or want to avoid OpenAI’s API |
| Goose | Open-source, MCP-native, AAIF governance, model-agnostic | You want vendor-neutral open-source with community governance structure |

Notes & Caveats

  • OpenAI vendor lock-in by default: While the code is Apache-2.0, the agent is designed around OpenAI models. Using Codex CLI with non-OpenAI models requires configuration effort; the first-party experience is OpenAI-only.
  • Pricing complexity: Usage caps, credit systems, and per-task limits vary between web interface, CLI, and API tiers. Multiple community complaints about capacity limits changing without notice (community.openai.com forum). Build workflows that tolerate API rate limits.
  • Rust rewrite risks: The TypeScript-to-Rust rewrite (v0.98.0) introduced temporary regressions and changed extension points. Teams that built tooling around the TypeScript codebase needed to update.
  • Sandbox evasion concern: OS-level sandboxing prevents access outside the workspace but does not prevent network egress within the sandbox by default. For air-gapped or sensitive codebases, explicitly disable network access (--no-network).
  • AGENTS.md compatibility benefit: The shared AGENTS.md format (also supported by Claude Code, Cursor, Gemini CLI, and others) reduces lock-in at the project configuration layer, even if the model layer remains vendor-specific.
  • Enterprise hooks system is new: The v0.116.0 hooks system for prompt auditing landed in March 2026 and has not been widely evaluated in production. Treat it as an early-stage enterprise feature.