Skip to main content
Toolsbase Logo

Codex CLI Commands

Free Codex CLI cheat sheet with all 50 commands, key options, keyboard shortcuts, setup guide, and practical workflow examples

Last updated:

How to Use

Expand how to use
  1. 1

    Filter by category

    Switch between Core Commands, Key Options, Setup, and Workflow Examples to focus on the commands you need.

  2. 2

    Search details

    Use keyword search to match command names, option notes, and example commands at once.

  3. 3

    Copy and run

    Copy the command snippet with one click, then run it directly in your terminal.

Latest Updates (Summary)

Quick view of important changes. See details in the section below.

codex-cli 0.120.0 (Released on 2026-04-12)

Realtime V2 background agents stream progress and queue follow-up responses. TUI hook activity rendering improved. Windows sandbox gains split filesystem policies. MCP `outputSchema` is now respected in code-mode tool declarations.

codex-cli 0.119.0 (Released on 2026-04-08)

Realtime voice sessions default to the v2 WebRTC path. MCP apps and custom servers gain resource loading and richer tool metadata. The experimental `codex exec-server` subcommand is introduced. `/resume` accepts session id or name for direct jumps.

View detailed version updates

codex

Start an interactive Codex CLI session.

Key points

  • codex "<prompt>": Start with an initial prompt.
  • codex --help: Show available subcommands and global options.

Examples

codex
Launch interactive mode in the current directory.
codex "Summarize this repository structure"
Start a session with a task-focused prompt.

codex exec

Run Codex non-interactively for automation and CI-style tasks.

Key points

  • --sandbox: Choose execution sandbox mode.
  • --profile: Load a predefined profile from config.toml.

Examples

codex exec "Review this PR diff"
Run a one-shot review task from the CLI.
cat plan.md | codex exec -
Read instructions from stdin.

codex review

Run a code review directly from the command line.

Key points

  • --uncommitted: Review staged, unstaged, and untracked changes.
  • --base <branch>: Compare the current branch against a base branch.
  • --commit <sha>: Review changes introduced by a specific commit.

Examples

codex review --uncommitted
Review local changes before committing.
codex review --base main
Review changes against main branch.

codex resume

Resume a previous interactive session.

Key points

  • --last: Resume the most recent session immediately.
  • --all: Show all sessions beyond current working directory filter.

Examples

codex resume --last
Continue the latest session quickly.
codex resume <SESSION_ID>
Resume a specific saved session.

codex fork

Fork a previous interactive session into a new conversation branch.

Key points

  • --last: Fork the most recent session without opening the picker.
  • --all: Show sessions across all working directories in the picker.

Examples

codex fork --last
Fork the latest session and continue in a new direction.
codex fork <SESSION_ID> "Try an alternative implementation"
Start a new branch from a specific session.

codex apply

Apply the latest diff generated by Codex to your local working tree via `git apply`.

Key points

  • <TASK_ID>: Specify the Codex task ID to apply.
  • Review the generated diff in Codex Cloud before applying locally.

Examples

codex apply <TASK_ID>
Apply the latest diff for the specified task.
codex cloud diff <TASK_ID>
Preview the patch before applying it locally.

codex cloud

Manage Codex Cloud tasks and apply results locally from the CLI.

Key points

  • codex cloud list: List tasks in Codex Cloud.
  • codex cloud apply <TASK_ID>: Apply a cloud task diff to local repository.

Examples

codex cloud list
Check available tasks from Codex Cloud.
codex cloud diff <TASK_ID>
Preview task diff before applying locally.

codex app

Launch the Codex desktop app (downloads installer if it is missing).

Key points

  • codex app: Open Codex desktop app on macOS.
  • Useful when switching between terminal workflows and desktop session management.

Examples

codex app
Launch (or install then launch) the desktop app.
codex app --help
Check platform support and startup options.

codex login

Manage Codex CLI authentication. Provides subcommands for login and token management.

Key points

  • codex login: Start browser-based authentication flow.
  • codex login status: Check current login state.

Examples

codex login
Authenticate via browser.
codex login status
Check authentication state and user info.

codex logout

Remove stored credentials and sign out from Codex CLI.

Key points

  • `codex logout`: Deletes locally stored authentication tokens.
  • Useful for shared machines and CI cleanup workflows.

Examples

codex logout
Clear the current authenticated session.
codex login
Sign in again when needed.

codex app-server

Run experimental app-server tooling from Codex CLI.

Key points

  • `codex app-server`: Starts the app server or related tooling (experimental).
  • `codex app-server --help`: Show available subcommands and flags.

Examples

codex app-server --help
Inspect supported app-server operations.
codex app-server
Start the experimental app-server command.

codex exec-server

Run the standalone exec-server binary (experimental, added in v0.119.0). Exposes a WebSocket endpoint for remote or app-server workflows.

Key points

  • `--listen <URL>`: Transport endpoint URL (default `ws://127.0.0.1:0`).
  • `-c, --config <key=value>`: Override a value from config.toml for this run.
  • `--enable / --disable <FEATURE>`: Toggle feature flags for the session.

Examples

codex exec-server
Start on the default local WebSocket endpoint.
codex exec-server --listen ws://127.0.0.1:8080
Listen on a specific port.

codex sandbox

Run commands within a Codex-provided sandbox environment.

Key points

  • `codex sandbox`: Entry point for sandbox utility commands.
  • `codex sandbox --help`: Show sandbox subcommands and usage.

Examples

codex sandbox --help
Review available sandbox capabilities.
codex sandbox
Execute sandbox-related commands directly.

codex debug

Use built-in debugging tools for troubleshooting Codex CLI.

Key points

  • `codex debug`: Entry point for debugging utilities.
  • `codex debug --help`: List diagnostics and debug helpers.

Examples

codex debug --help
List debug subcommands before running them.
codex debug
Run debug tooling from the CLI.

codex login status

Check the current authentication status.

Key points

  • Shows user info when authenticated.
  • Suggests `codex login` when not authenticated.

Examples

codex login status
Check login state.
codex login status && codex exec "task"
Verify auth before running a task.

-m, --model

Specify the model the agent should use.

Key points

  • -m <model>: Launch with a specific model.
  • Temporarily overrides the default from config.toml.

Examples

codex -m o3 "Analyze this code"
Start an interactive session with o3.
codex exec -m codex-mini-latest "Check the structure"
Run non-interactively with a lightweight model.

-p, --profile

Select a profile defined in ~/.codex/config.toml.

Key points

  • fast: Quick lookup and lightweight analysis.
  • default | deep | max: Increase reasoning depth for complex tasks.

Examples

codex exec --profile fast "Inspect routing"
Run a low-cost analysis task.
codex exec --profile deep "Design refactor plan"
Use deeper reasoning for architecture tasks.

-s, --sandbox

Control filesystem permissions for model-executed commands.

Key points

  • read-only: Prevent file writes.
  • workspace-write | danger-full-access: Allow broader editing access.

Examples

codex exec --sandbox read-only "List potential bugs"
Analyze code without changing files.
codex exec --sandbox workspace-write "Apply the fix"
Allow edits in the current workspace.

-a, --ask-for-approval

Set when Codex asks for approval before running commands.

Key points

  • untrusted: Ask for approval for commands outside the trusted set.
  • on-request | never: Switch approval behavior by interactive vs non-interactive workflows.
  • on-failure: Deprecated in the latest CLI.

Examples

codex -a on-request
Start interactive mode with request-based approvals.
codex exec -a never "Run checks and summarize"
Use no-approval policy for scripted runs.

--full-auto

Apply low-friction approval and sandbox defaults for interactive runs.

Key points

  • Shortcut for `-a on-request` and `--sandbox workspace-write`.
  • Useful for iterative implementation where command throughput matters.

Examples

codex exec --full-auto "Implement and test this fix"
Run with request-based approvals and workspace-write sandbox.
codex resume --last --full-auto
Resume the latest session with the same convenience defaults.

--search

Enable live web search in supported sessions.

Key points

  • codex --search: Enable web search for a new interactive session.
  • When enabled, the Responses `web_search` tool is available.
  • codex resume --search: Resume a session with web search enabled.

Examples

codex --search "Check latest framework changes"
Start with web search enabled.
codex resume --last --search
Continue the latest session with web search.

--remote

Connect the TUI to a remote app-server endpoint.

Key points

  • --remote <ws://...|wss://...>: Connect to an app-server-backed WebSocket endpoint.
  • Useful when Codex app-server runs on another machine or as a long-lived service.

Examples

codex --remote ws://127.0.0.1:8080
Launch the TUI against a local app-server WebSocket.
codex --remote wss://codex.example.com/socket --no-alt-screen
Use a remote endpoint while keeping inline terminal scrollback.

-i, --image

Attach image files to the initial prompt.

Key points

  • -i <file>: Specify image file(s) (repeatable).
  • Useful for analyzing screenshots and UI designs.

Examples

codex -i screenshot.png "Suggest improvements for this UI"
Start a session with an attached image.
codex exec -i error.png "Identify the cause of this error"
Run non-interactively with an image.

-C, --cd

Set the working root directory for the agent.

Key points

  • -C <dir>: Use the specified directory as the workspace root.
  • Useful for running Codex against a different project.

Examples

codex -C /path/to/project
Start a session in a different directory.
codex exec -C ../other-repo "Run the tests"
Run non-interactively in another repository.

--add-dir

Add extra writable directories alongside the primary workspace.

Key points

  • --add-dir <dir>: Grant write access to an additional directory.
  • Useful for monorepos and shared library access.

Examples

codex --add-dir ../shared-lib
Allow edits to a shared library directory.
codex exec --add-dir ../configs "Update the settings"
Grant write access to a config directory.

codex --oss

Use a local open-source model provider.

Key points

  • --oss: Connect to LM Studio or Ollama.
  • --local-provider <provider>: Explicitly choose lmstudio or ollama.

Examples

codex --oss
Start a session with a local model.
codex --oss --local-provider ollama
Explicitly use Ollama as the provider.

--no-alt-screen

Disable alternate screen mode and run inline, preserving scrollback history.

Key points

  • Preserves terminal scrollback history.
  • Useful in terminal multiplexers like Zellij.

Examples

codex --no-alt-screen
Launch while preserving scrollback.
codex --no-alt-screen "Start working"
Interactive session in a multiplexer environment.

--skip-git-repo-check

Allow codex exec to run outside a Git repository.

Key points

  • --skip-git-repo-check: Skip Git repository validation.
  • For standalone scripts and document generation outside repos.

Examples

codex exec --skip-git-repo-check "Draft a README"
Run in a non-Git directory.
codex exec --skip-git-repo-check --sandbox read-only "Analyze"
Combine with read-only for safe execution.

--ephemeral

Run without persisting session files to disk.

Key points

  • --ephemeral: Disable session persistence.
  • Keeps disk clean for temporary analysis and CI runs.

Examples

codex exec --ephemeral "Explain this function"
Analyze without saving a session.
codex exec --ephemeral --sandbox read-only "Check dependencies"
Leave no trace with read-only analysis.

--output-schema

Validate the model's final response against a JSON Schema.

Key points

  • --output-schema <file>: Path to a JSON Schema file.
  • Ensures structured output in CI/CD pipelines.

Examples

codex exec --output-schema schema.json "Output analysis as JSON"
Get schema-validated structured output.
codex exec --output-schema report.schema.json -o result.json "Generate report"
Schema validation with file output.

--enable / --disable

Toggle feature flags from the command line.

Key points

  • --enable <feature>: Shortcut for `-c features.<name>=true`.
  • --disable <feature>: Shortcut for `-c features.<name>=false`.

Examples

codex --enable some_feature
Enable a specific feature for this session.
codex exec --disable experimental_feature "Run task"
Disable an experimental feature for this run.

--dangerously-bypass-approvals-and-sandbox

Skip all approval prompts and execute without sandboxing. For externally sandboxed environments only.

Key points

  • Skips all confirmation prompts and disables sandboxing.
  • Intended solely for Docker or externally isolated environments.

Examples

codex exec --dangerously-bypass-approvals-and-sandbox "Build"
Use only in externally sandboxed environments.
# Use inside Docker or isolated containers
Never use directly on development machines.

--local-provider

Specify which local model provider to use: lmstudio or ollama.

Key points

  • --local-provider <provider>: Choose lmstudio or ollama explicitly.
  • Used with --oss. If omitted, uses config default or shows a selection prompt.

Examples

codex --oss --local-provider lmstudio
Explicitly use LM Studio as the provider.
codex --oss --local-provider ollama "Analyze the code"
Use Ollama with an initial prompt.

--color

Configure color output for exec mode.

Key points

  • --color <always|never|auto>: Set color output mode.
  • Use never in CI to strip ANSI escapes. Defaults to auto.

Examples

codex exec --color never "Run the tests"
Plain output for log files.
codex exec --color always "Show the diff"
Force color output even when piped.

--remote-auth-token-env

Specify the environment variable containing a bearer token for remote app-server WebSocket connections.

Key points

  • --remote-auth-token-env <ENV_VAR>: Read the bearer token from the named environment variable and send it when connecting.
  • Use with --remote for authenticated remote connections.

Examples

codex --remote wss://codex.example.com/ws --remote-auth-token-env CODEX_TOKEN
Connect remotely using the token in the CODEX_TOKEN variable.
CODEX_TOKEN=secret codex resume --last --remote wss://host:8080 --remote-auth-token-env CODEX_TOKEN
Resume the latest session over an authenticated remote connection.

--json

Print exec events to stdout as JSON Lines.

Key points

  • --json: Stream events in JSONL format.
  • Ideal for programmatic parsing and CI/CD pipeline integration.

Examples

codex exec --json "Analyze the code" > events.jsonl
Save event log to a file.
codex exec --json "Run tests" | jq '.type'
Filter event types with jq.

-o, --output-last-message

Write the agent's final message to a specified file.

Key points

  • -o <file>: Set the output file for the last response.
  • Useful for CI/CD result capture and report generation.

Examples

codex exec -o result.txt "Summarize this PR"
Save the final response to a text file.
codex exec --output-schema schema.json -o result.json "Generate report"
Schema-validated JSON file output.

-c, --config

Override config values from the command line.

Key points

  • -c model="gpt-5-codex": Set model for the current run.
  • -c features.name=true: Toggle a feature flag for this run only.

Examples

codex -c model="gpt-5-codex"
Launch with a specific model override.
codex exec -c 'sandbox_permissions=["workspace-write"]' "Explain risk"
Override sandbox permissions inline.

codex login --with-api-key

Authenticate Codex using API key or device auth flow.

Key points

  • --with-api-key: Read API key from stdin.
  • --device-auth: Use browser-based device authentication.

Examples

printenv OPENAI_API_KEY | codex login --with-api-key
Login non-interactively with environment variable.
codex login --device-auth
Start interactive device authentication.

codex mcp add

Manage external MCP servers in Codex.

Key points

  • codex mcp list: Show configured MCP servers.
  • codex mcp remove <name>: Remove an MCP server from config.

Examples

codex mcp add docs -- command --flag
Register a new MCP server command.
codex mcp get docs
Inspect details of a configured MCP server.

codex mcp-server

Run Codex itself as an MCP server over stdio.

Key points

  • Use this when integrating Codex into MCP-compatible clients and tools.
  • Supports `-c/--config` and feature flags just like other subcommands.

Examples

codex mcp-server
Start Codex in MCP server mode on stdio.
codex mcp-server -c model="gpt-5-codex"
Launch MCP server mode with a one-off config override.

codex features

Inspect and manage Codex feature flags from the CLI.

Key points

  • codex features list: Show known features and their effective state.
  • codex features enable|disable <name>: Persist toggles in config.toml.

Examples

codex features list
Check staged and experimental flags before enabling.
codex features enable <feature_name>
Enable a feature flag in your local Codex config.

codex completion zsh

Generate shell completion scripts.

Key points

  • codex completion zsh: Output zsh completion script.
  • codex completion bash: Output bash completion script.

Examples

codex completion zsh > ~/.zsh/completions/_codex
Install zsh completion manually.
codex completion fish > ~/.config/fish/completions/codex.fish
Install fish completion script.

codex exec --profile fast --sandbox read-only "<prompt>"

Safe analysis workflow for read-only inspection.

Key points

  • --profile fast: Use lower-cost profile for quick checks.
  • --sandbox read-only: Guarantee no file modifications.

Examples

codex exec --profile fast --sandbox read-only "Find dead code candidates"
Run static analysis without editing files.
codex exec --profile fast --sandbox read-only "Map i18n key usage"
Inspect translation usage safely.

codex exec --profile default --sandbox workspace-write "<prompt>"

Standard implementation workflow with editable workspace.

Key points

  • --profile default: Balanced speed and reasoning.
  • --sandbox workspace-write: Allow edits inside project workspace.

Examples

codex exec --profile default --sandbox workspace-write "Implement tooltip improvements"
Run a typical implementation task.
codex exec --profile default --sandbox workspace-write "Update docs and tests"
Apply code and documentation updates together.

codex review --uncommitted

Review local changes before commit.

Key points

  • --uncommitted: Include staged, unstaged, and untracked files.
  • --title <name>: Add context label to review summary.

Examples

codex review --uncommitted
Run a quick local review pass.
codex review --uncommitted --title "before-merge-check"
Attach a custom review title.

codex exec --json -o result.json "<prompt>"

Produce machine-readable output for automation pipelines.

Key points

  • --json: Stream execution events as JSONL.
  • -o <file>: Save the last assistant message to a file.

Examples

codex exec --json -o result.json "List migration risks"
Capture structured events and final summary.
codex exec --json "Generate release notes draft"
Use JSONL stream in custom tooling.

codex review --base <branch>

Review changes against a specified base branch.

Key points

  • --base <branch>: Set the base branch for comparison.
  • Ideal for pre-PR branch-to-branch reviews.

Examples

codex review --base main
Review diff against the main branch.
codex review --base develop "Review for security issues"
Branch review with custom instructions.

codex review --commit <sha>

Review the changes introduced by a specific commit.

Key points

  • --commit <sha>: Specify the commit SHA to review.
  • --title <title>: Add a title to the review summary.

Examples

codex review --commit abc1234
Review a specific commit's changes.
codex review --commit HEAD --title "Latest commit review"
Review the latest commit with a title.

codex cloud exec "<prompt>"

Submit a task to Codex Cloud for remote non-interactive execution.

Key points

  • codex cloud exec: Create a cloud task without launching the TUI.
  • Use codex cloud status / list / diff / apply to check and apply results.

Examples

codex cloud exec "Run all tests and report results"
Execute a task in the cloud.
codex cloud list && codex cloud apply <task-id>
List tasks and apply a diff locally.

Important Updates by Version

Summarized from official OpenAI GitHub releases, focused on practical capabilities.

codex-cli 0.120.0 (Released on 2026-04-12)

Realtime V2 background agents stream progress and queue follow-up responses. TUI hook activity rendering improved. Windows sandbox gains split filesystem policies. MCP `outputSchema` is now respected in code-mode tool declarations.

View official release

  • Realtime V2 streams background agent progress and queues follow-up responses so long-running work stays interactive
  • TUI hook activity rendering improved: running hooks render in their own line and only useful output is retained after completion
  • Code-mode tool declarations now include MCP outputSchema details so structured results are typed accurately
  • Windows elevated sandbox supports split filesystem policies with read-only carveouts
  • Fixed a panic when using codex --remote wss://... by installing a Rustls crypto provider
codex-cli 0.119.0 (Released on 2026-04-08)

Realtime voice sessions default to the v2 WebRTC path. MCP apps and custom servers gain resource loading and richer tool metadata. The experimental `codex exec-server` subcommand is introduced. `/resume` accepts session id or name for direct jumps.

View official release

  • Realtime voice sessions default to the v2 WebRTC path with richer transport, voice selection, and TUI media support
  • MCP apps and custom MCP servers support resource loading, tool-call metadata, and server-driven elicitation questions
  • Added experimental codex exec-server subcommand: a standalone WebSocket endpoint for remote and app-server workflows
  • /resume jumps directly to a session by ID or name without going through the picker
  • TUI notifications support Warp OSC 9 and add a focused-notification option
codex-cli 0.118.0 (Released on 2026-04-04)

Windows sandbox now enforces proxy-only networking with OS-level egress rules. `codex exec` supports prompt-plus-stdin workflow. Custom model providers can dynamically fetch and refresh bearer tokens.

View official release

  • Windows sandbox can enforce proxy-only networking with OS-level egress rules instead of relying on environment variables alone
  • codex exec supports prompt-plus-stdin workflow: pipe input and still pass a separate prompt on the command line
  • Custom model providers can dynamically fetch and refresh short-lived bearer tokens instead of static credentials
  • App-server TUI fixes: /copy and /resume <name> work again, hook notifications replay correctly, skills picker scrolls past first page
  • MCP server startup improved: longer startup window for local servers and failed handshakes surface warnings again
codex-cli 0.117.0 (Released on 2026-03-25)

Plugins are now a first-class workflow with sync, browse, install, and remove support. Sub-agents use path-based addresses, and remote WebSocket auth was added.

View official release

  • Plugins integrated as a first-class workflow: sync, browse in /plugins, install, and remove with clearer auth handling
  • Sub-agents now use readable path-based addresses like /root/agent_a with structured inter-agent messaging
  • /title picker works in both classic TUI and app-server TUI for easier parallel session identification
  • App-server clients can connect to remote WebSocket servers with bearer-token auth (--remote-auth-token-env)
  • Image workflows improved: view_image returns URLs in code mode, generated images are reopenable, and history survives resume
codex-cli 0.116.0 (Released on 2026-03-19)

Strengthened app-server TUI authentication, smoothed plugin and connector setup flows, and improved realtime plus Linux sandbox reliability.

View official release

  • App-server TUI now supports device-code ChatGPT sign-in during onboarding and can refresh existing ChatGPT tokens
  • Codex can prompt to install missing plugins or connectors, respect a configured suggestion allowlist, and sync install or uninstall state remotely
  • Added a userpromptsubmit hook to block or augment prompts before execution and before they enter history
  • Realtime sessions start with recent thread context and are less likely to self-interrupt during audio playback
  • Fixed first-turn websocket prewarm stalls, restored remote resume or fork history, and improved Linux sandbox startup
codex-cli 0.115.0 (Released on 2026-03-16)

Expanded full-resolution image handling, improved JS REPL continuity, and strengthened app-server v2 plus subagent approval workflows.

View official release

  • view_image and codex.emitImage(..., detail: "original") now support full-resolution images
  • JS REPL now exposes codex.cwd and codex.homeDir, and keeps tool/image references across cells
  • app-server v2 gained filesystem RPCs for read/write, copy, directory operations, and path watching
  • Review requests can be routed through the guardian subagent, with better sandbox/network inheritance for subagents
  • Fixed resume-time --profile persistence, TUI exit stalls, and related stability issues
codex-cli 0.114.0 (Released on 2026-03-11)

Added experimental code mode and hooks engine, improved permission-profile compatibility, and stabilized app-server/realtime workflows.

View official release

  • Experimental code mode and hooks engine (SessionStart / Stop) are now available
  • Permission/profile compatibility improved for legacy workspace-write + sandbox settings
  • App-server health endpoints (/readyz, /healthz) and realtime handoff context were enhanced
  • Session resume and Linux tmux stability issues were fixed
codex-cli 0.113.0 (Released on 2026-03-10)

Expanded plugin workflows, introduced request-time permission escalation, and improved app-server execution streaming.

View official release

  • Added request_permissions tool for in-turn permission escalation
  • Plugin UX expanded with list/uninstall support and improved mentions
  • app-server exec gained stdin/stdout/stderr streaming with TTY/PTY support
  • Cloud and session tooling received reliability and UX improvements
codex-cli 0.112.0 (Released on 2026-03-09)

Added `@plugin` mentions in chat, improved skill permission/sandbox integration, and enhanced macOS permission handling.

View official release

  • @plugin mentions in chat auto-include plugin context (MCP/app/skill)
  • Latest model catalog now surfaced in the TUI model picker
  • Skill permission profiles merged into sandbox policy for safer execution
  • JS REPL bindings now persist after a failed cell for smoother iteration
  • emitImage restricted to data: URLs only (security fix)
codex-cli 0.111.0 (Released on 2026-03-05)

Improved sandbox permission handling, MCP reliability, and safer cloud apply behavior.

View official release

  • approval_policy now correctly takes precedence over sandbox_mode
  • codex cloud apply better supports git worktree workflows
  • Improved MCP server connection and authentication stability
codex-cli 0.110.0 (Released on 2026-03-04)

Approval retry flow and token handling were improved for more stable long-running usage.

View official release

  • Cancelled approval requests can now be re-issued cleanly
  • Added custom token reset to simplify auth recovery
  • Reliability improvements for long-running sessions (watchdog and related fixes)
codex-cli 0.109.0 (Released on 2026-03-03)

MCP management and sandbox controls became easier to operate, with expanded output tracking.

View official release

  • Added codex mcp list for easier MCP inventory checks
  • Added sandbox_workspace_write.allow_network support
  • codex exec --last-message-file can write final output to a chosen file
codex-cli 0.108.0 (Released on 2026-03-03)

Focused quality release for patch apply flow, sandbox checks, and cloud integration.

View official release

  • codex apply now leverages git apply --3way behavior
  • Risk evaluation is more strict to reduce unnecessary approvals
  • Improved Codex Cloud task integration stability
codex-cli 0.107.0 (Released on 2026-03-02)

Expanded non-interactive execution and improved MCP/OAuth workflows.

View official release

  • codex exec --include-plan-tool enables plan tool usage in exec mode
  • MCP auth failures now guide users toward codex mcp login
  • OAuth flow keeps using existing clients for better connection stability

About This Tool

This free Codex CLI cheat sheet consolidates the complete commands list, key options, keyboard shortcuts, and workflow examples you need into one searchable reference page — from interactive sessions and one-shot codex exec tasks to MCP integration, sandbox configuration, guardian approval, and CI/CD automation. Filter by category, search by keyword, and copy any command in one click so you can move from lookup to execution without leaving your current context.

What You Can Check

  • Complete Codex CLI commands list for interactive sessions, non-interactive exec, and resume workflows
  • Key global options including profile, sandbox mode, approval policy, guardian approval, and web search
  • Keyboard shortcuts and slash commands reference for fast in-session navigation
  • Practical setup commands for login, MCP servers, shell completion, and config.toml overrides
  • Workflow-ready examples you can copy and run immediately in a terminal or CI/CD pipeline
  • Version update summaries showing what changed in each release

When It Helps

  • Looking up the correct codex exec flags before adding an automated code-review step to a GitHub Actions or GitLab CI pipeline
  • Comparing sandbox modes (read-only vs workspace-write) when deciding how much file-system access to grant Codex in a production codebase
  • Onboarding a teammate to Codex CLI by sharing a cheat sheet of exec, mcp add, and profile commands without them needing to read the full docs
  • Referencing approval-policy options (always, on-failure, never) when scripting a nightly code analysis job that runs unattended
  • Checking the correct syntax for codex mcp add before wiring up a GitHub or Jira MCP server to a Codex workflow

FAQ

What is Codex CLI?

Codex CLI is OpenAI's open-source terminal agent that can read, write, and execute code in your local project. It is distinct from the older Codex API model — the CLI is an agentic tool that runs tasks autonomously in your shell.

What is the difference between codex and codex exec?

codex launches an interactive REPL where you converse with the agent. codex exec runs a single task non-interactively and exits, making it ideal for CI/CD pipelines, cron jobs, and scripted automation where you need one-shot execution.

Which sandbox mode should I use?

Use read-only for analysis tasks (reviewing code, generating reports) where you don't want Codex touching files. Use workspace-write when you want Codex to create or edit files. Avoid network-full unless your task requires external API calls.

How do I add a GitHub or Jira MCP server?

Run codex mcp add <name> <command> with the appropriate MCP server binary for your tool. Then use codex mcp list to confirm it's registered. MCP servers let Codex file GitHub issues, query Jira boards, or interact with databases without leaving the terminal.

Are these command examples safe to run directly?

Treat them as templates. Replace placeholder prompts with your actual task, and choose sandbox and approval-policy settings appropriate for your environment — especially in automated pipelines where approval-policy: never runs without human confirmation.

How do I use Codex in a GitHub Actions workflow?

Use codex exec with --approval-policy never and sandbox read-only (or workspace-write if file edits are needed). Set your OPENAI_API_KEY as a GitHub Actions secret. A typical step: codex exec --approval-policy never "Review the diff and summarize risks".

Where can I find a complete Codex CLI commands list?

This page is the complete Codex CLI commands list reference. Every command — codex, codex exec, codex review, codex resume, codex mcp, codex login, codex cloud, and more — is grouped into Core Commands, Key Options, Setup, and Workflow Examples tabs. Use the search box to filter by command name, option, or example, and copy any entry with one click.

What keyboard shortcuts and slash commands are available in Codex CLI?

Inside an interactive codex session you can use slash commands like /resume, /title, /plugins, /copy, and /help for quick navigation and session control. TUI hotkeys include Ctrl+C to cancel the current turn and Ctrl+D to exit the session. The cheat sheet above lists the commonly-used in-session commands so you can copy them directly and learn the shortcuts by practice.

What is Guardian approval in Codex CLI?

Guardian is a subagent that can route sensitive review requests for additional approval before actions are taken. When configured, the guardian inherits sandbox and network settings from its parent session. Combine it with --approval-policy on-failure or never to control how Codex escalates risky operations in scripted or unattended workflows, keeping Guardian as an extra gate for high-impact edits.

How does codex resume work and how do I continue the last session?

codex resume reopens a previous interactive session by ID, name, or through an interactive picker, preserving the full conversation history. Recent releases also support /resume <name> inside a running session for direct jumps. To continue your most recent conversation, run codex resume and pick the latest entry from the list, or run codex resume --help to see the flags supported by your installed version.

How up to date is this Codex CLI cheat sheet?

This reference is refreshed alongside each new codex-cli release, tracking every release from codex-cli 0.110.0 onward. You can quickly scan which flags, subcommands, sandbox behaviors, and shortcuts shipped in each version — making it a practical cheat sheet for everyday terminal work.

Related Tools

Claude Code CommandsCursor Commands & ShortcutsClaude Code Features Guideuv Commands