Codex

OpenAI's official CLI coding agent with built-in sandboxing.

What is Codex?

Codex is OpenAI's official agentic coding tool — similar to what Claude Code is for Anthropic. It's a standalone CLI agent written in Rust with its own tooling system, sandbox modes, and native integration with OpenAI's models.

Codex is a separate product from OpenCode. While OpenCode can use OpenAI models as one of many providers, Codex is OpenAI's dedicated agent with its own tools and features.

Key Features

Native Sandbox

Built-in sandboxing for command execution using Seatbelt (macOS), Landlock (Linux), or Windows Sandbox. Control what the agent can access.

Own Tooling System

Codex has its own tools: shell commands, file operations, directory listing, grep search, and patch application — independent of any other agent.

MCP Support

Connect to MCP servers for additional tools, and even run Codex as an MCP server to let other agents use it.

Setup

1. Install Codex

bash

npm i -g @openai/codex

2. Authenticate

Run Codex and sign in with your ChatGPT account, or set your API key:

bash

# Option 1: Sign in with ChatGPT (recommended)
codex
# Follow the prompts to authenticate

# Option 2: Use API key
export OPENAI_API_KEY=sk-your-key-here

3. Start Broski

bash

broski

Select Codex as your backend in the Broski app settings.

Sandbox Modes

Codex provides built-in sandboxing to control what commands can do:

Mode	Description
read-only	Commands can read but not modify files (default)
workspace-write	Allow writes within the current workspace
danger-full-access	Full system access (use with caution)

bash

# Start with workspace write access
codex --sandbox workspace-write

Built-in Tools

Codex has its own native tools:

Tool	Description
shell	Execute shell commands with sandbox protection
read_file	Read file contents with line numbers
list_dir	List directory contents
grep_files	Search file contents with regex
apply_patch	Apply code patches to files
spawn_agent	Create sub-agents for parallel work

Authentication Options

Method	How
ChatGPT Login	Sign in with your ChatGPT Plus/Pro/Team account
API Key	Set OPENAI_API_KEY or CODEX_API_KEY environment variable

Using ChatGPT login lets you use your existing subscription. API key gives more control but charges separately.

Troubleshooting

Authentication Failed

bash

# Check if API key is set
echo $OPENAI_API_KEY

# Re-authenticate
codex --logout
codex

Sandbox Blocking Commands

If legitimate commands are being blocked, try a less restrictive sandbox mode:

bash

codex --sandbox workspace-write

Claude Code

Anthropic's official agent

OpenCode

Multi-provider alternative

Backend Overview

Compare all backends

Codex

What is Codex?

Key Features

Setup

1. Install Codex

2. Authenticate

3. Start Broski

Sandbox Modes

Built-in Tools

Authentication Options

Troubleshooting

Authentication Failed

Sandbox Blocking Commands

Next