Codex
Delegate non-interactive coding and review work to OpenAI Codex CLI with the right exec, review, resume, model, and approval flags from your primary agent.
Overview
Codex is a journey-wide agent skill that documents OpenAI Codex CLI exec, review, resume, and approval workflows—usable whenever a solo builder needs reliable secondary-agent delegation before committing changes.
Install
npx skills add https://github.com/giuseppe-trisciuoglio/developer-kit --skill codexWhat is this skill?
- Non-interactive codex exec and codex review/e aliases for delegation prompts
- Session resume --last, resume by id, and fork --last for continued work
- Model flags: gpt-5.3-codex, o4-mini, o3 for speed vs reasoning tradeoffs
- Approval policies: untrusted, on-request, never with explicit safety semantics
- English-prompt oriented quick reference aligned with skill delegation workflows
- 3 approval policy values documented: untrusted, on-request, never
Adoption & trust: 828 installs on skills.sh; 271 GitHub stars; 1/3 security scanners passed (skills.sh audits).
What problem does it solve?
You know Codex can run tasks but keep guessing flags for exec vs review, models, and approval modes across sessions.
Who is it for?
Builders running Claude Code or Cursor who routinely delegate codegen or review bursts to Codex CLI with documented approval defaults.
Skip if: Teams with no Codex CLI installed or workflows that forbid shell delegation to external coding agents.
When should I use this skill?
You need to delegate a bounded coding or review task to Codex CLI with correct exec, model, or resume flags.
What do I get? / Deliverables
You invoke codex exec or review with consistent model and -a policy choices and resume the right session without ad-hoc shell trial and error.
- Executed Codex session output
- Review feedback from codex review
- Resumed or forked session continuation
Recommended Skills
Journey fit
Useful at every journey phase - explore requirements and options before committing to a direction.
Where it fits
codex exec -m o4-mini on a thin spike module before committing to full architecture.
codex exec -a on-request with a dependency-injection refactor prompt while the primary agent handles PR scaffolding.
codex review with an English security-focused prompt before merge.
codex resume --last to continue a hotfix session after a production alert.
codex exec for boilerplate in internal tooling docs—not ideal alone; pair with human editorial pass.
How it compares
Reference skill for Codex CLI invocation—not a replacement for in-editor Cursor rules or Claude-native edit loops.
Common Questions / FAQ
Who is codex for?
Solo developers orchestrating multiple AI coding tools who need a concise Codex CLI cheat sheet inside their agent session.
When should I use codex?
Use it in Validate for quick exec spikes on prototypes, in Build for refactors and tests via codex exec, in Ship for codex review passes, and in Operate when resuming --last to patch production issues—any time delegation beats monolithic chat.
Is codex safe to install?
Check the Security Audits panel on this page; codex exec with -a never or broad prompts can run shell commands—prefer untrusted or on-request until you trust the repo.
SKILL.md
READMESKILL.md - Codex
# Codex CLI Command Reference Quick reference for the `codex` skill delegation workflow. ## Core Usage ```bash # Interactive mode codex # Non-interactive code generation (recommended for delegation) codex exec "<english-prompt>" # Non-interactive code review codex review "<english-prompt>" # Non-interactive with alias codex e "<english-prompt>" ``` ## Prompting and Sessions ```bash # Non-interactive single prompt codex exec "Refactor this class to use dependency injection" # Resume latest session codex resume --last # Resume specific session codex resume <session-id> # Fork latest session codex fork --last ``` ## Model Selection ```bash # Explicit model selection codex exec -m gpt-5.3-codex "Design a microservices architecture" # Use O4-mini for faster iterations codex exec -m o4-mini "Generate unit tests for this module" # Use O3 for complex reasoning codex exec -m o3 "Analyze this system for distributed transaction patterns" ``` ## Approval Policies ```bash # Untrusted commands only (safe baseline) codex exec -a untrusted "Analyze codebase for security issues" # Model decides when to ask (recommended for development) codex exec -a on-request "Refactor this module with proper error handling" # Never ask for approval (use with caution) codex exec -a never "Generate boilerplate code for CRUD operations" ``` **Approval Policy Values:** - `untrusted`: Only run trusted commands (ls, cat, sed) without approval - `on-request`: Model decides when to ask for user approval - `never`: Never ask for approval (⚠️ execution failures returned immediately) ## Sandbox Modes ```bash # Read-only (safest for analysis) codex exec -s read-only "Review this code for performance issues" # Workspace write (default for development) codex exec -s workspace-write "Implement new API endpoint with tests" # Danger full access (⚠️ extremely dangerous) codex exec -s danger-full-access "Refactor entire codebase structure" ``` **Sandbox Mode Values:** - `read-only`: No writes, no network access - `workspace-write`: Allow writes in workspace, no network - `danger-full-access`: Disable all sandboxing (⚠️ NEVER use without external sandboxing) ## Working Directory ```bash # Set working directory codex exec -C /path/to/project "Analyze this module's dependencies" # Add additional writable directories codex exec --add-dir /path/to/resources "Generate resource files" ``` ## Multimodal Input ```bash # Single image attachment codex exec -i screenshot.png "What accessibility issues exist in this UI?" # Multiple images codex exec -i mockup.png -i current.png "Compare these designs and list differences" # Image with complex task codex exec -i architecture-diagram.jpg "Implement the system shown in this diagram using Spring Boot" ``` ## Web Search ```bash # Enable live web search for latest information codex exec --search "Implement OAuth2 using the latest security best practices" # Web search for up-to-date libraries codex exec --search "Create a REST API using the current version of Express.js with modern async patterns" ``` ## Convenience Flags ```bash # Full-auto mode (workspace-write + on-request approval) codex exec --full-auto "Generate comprehensive unit tests with 80% coverage" # Enable/disable feature flags codex exec --enable unified_exec "Use unified execution mode" codex exec --disable web_search_request "Disable web search for this session" # Use specific configuration profile codex exec -p work "Start task with work profile settings" # Override specific config values codex exec -c model=o4-mini -c permissions.approval_policy=never "Generate boilerplate code" ``` ## Safe Delegation Patterns ### Security Analysis (Read-Only) ```bash codex exec "Perform comprehensive security audit focusing on OWASP Top 10. For each vulnerability, provide: severity, CWE, exploit scenario, and remediation code." -a on-request -s read-only ``` ### Code Generation (Workspace-Write) ```bash codex exec "Implement a RESTful API for user m