Codex Overview
Architecture, sandbox-first design, and task-based model
Codex is OpenAI's coding agent, rebuilt in Rust and released in April 2025. Where Claude Code emphasizes interactive collaboration, Codex prioritizes speed and safety through a sandbox-first architecture.
The Rust rewrite eliminated Node.js dependencies, enabling zero-dependency installation and direct access to operating system security primitives.
Codex operates across three surfaces:
- Terminal CLI Command-line interface for local development
- IDE Extension Integration with VS Code and other editors
- Cloud Agent Accessible through ChatGPT for browser-based workflows
The same underlying agent handles all three surfaces, maintaining consistent behavior whether invoked from a command line or a browser.
The sandbox-first model
Codex treats sandboxing as foundational, not optional. Every command executes within OS-level containment Seatbelt on macOS, Landlock on Linux before any code runs.
Three sandbox modes control access:
| Mode | Behavior |
|---|---|
read-only | No writes, no network access the default |
workspace-write | Writes allowed within the project directory only |
danger-full-access | Unrestricted access, intended for isolated containers |
This graduated trust model lets developers match security posture to task requirements.
Approval policies
Codex separates what the agent can do from when it needs permission. Approval policies control when execution pauses for human review:
| Policy | Behavior |
|---|---|
untrusted | Pauses before every command |
on-failure | Pauses only after failed execution |
on-request | Pauses when special permissions are needed |
never | Runs all commands without pausing |
The --full-auto flag combines workspace-write sandboxing with on-request approval a pragmatic middle ground for routine development tasks.
Project context and extensibility
Codex uses AGENTS.md files for project-specific instructions, serving the same purpose as Claude Code's CLAUDE.md. The format has achieved broad industry adoption and is supported by multiple AI coding tools.
Like Claude Code, Codex supports the Model Context Protocol (MCP), enabling connections to external systems and custom tools. Codex can operate as both an MCP client and server, allowing it to participate in multi-agent orchestration workflows.
Module 2 covers project documentation in depth.