Last updated: June 2026. This guide is based on the current openai/codex GitHub repo, the official OpenAI Codex CLI docs, and the latest public npm/GitHub release checked while updating this page.
Quick answer: Codex CLI in 2026
OpenAI Codex CLI is available in 2026, supports MCP through first-party docs and codex mcp, and works across local terminal, IDE, web, automation, GitHub Action, SDK, app-server, skills, subagents, plugins, hooks, and enterprise administration surfaces. Start with the official installer, sign in, run a read-only audit, then move to workspace-write or codex exec only after the task is bounded.
Current status, short version
- Codex CLI is active in 2026. The latest checked release is
0.139.0, published June 9, 2026 asrust-v0.139.0in theopenai/codexGitHub releases. - The official install path changed from older npm-only posts. OpenAI now recommends the standalone installer first, with npm, Homebrew, Windows PowerShell, and GitHub release binaries also supported.
- MCP is first-party, not a hack. The official docs include Codex MCP configuration, plus
codex mcpcommands for managing servers. - Sandboxing and approvals are the workflow. Routine work should use
read-onlyorworkspace-write, not broad bypass modes. - Codex is now more than a terminal-only toy. The current repo and docs point to CLI, IDE, app, Codex Web, automation, GitHub Action, SDK, app-server, MCP server, skills, subagents, plugins, hooks, AGENTS.md, and enterprise governance surfaces.
If you are only here for the answer: yes, OpenAI Codex CLI is available in 2026, yes it supports MCP, and the safest starting workflow is install → sign in → run a read-only audit → move to codex exec or workspace-write only when the scope is clear.
If you are building a full private-agent stack, pair this page with the Codex on a VPS course lesson and the Hermes Google Workspace setup guide. Codex handles bounded implementation and repo inspection. Hermes handles the longer-running operator loop around Discord, Google Workspace, notes, and scheduled work.
What Codex CLI is today
Codex CLI is OpenAI's local coding agent. It runs from your terminal, reads the selected directory, can edit files, and can run commands subject to its sandbox and approval settings.
The important distinction is that Codex CLI is not just “ChatGPT in a shell.” It is a local agent workflow with a control surface:
- install and run locally on macOS, Linux, or Windows
- authenticate with a ChatGPT account or API key
- operate interactively with
codex - run non-interactively with
codex exec - review code with the dedicated review flow
- connect approved external tools through MCP
- obey repository instructions through
AGENTS.md - use sandbox, approval, config, hooks, permissions, and managed administration settings
That control layer is why the tool matters for real product work. A coding agent is only useful if you can bound what it is allowed to inspect, change, and run.
How to install Codex CLI in 2026
The official OpenAI docs now lead with the standalone installer.
macOS and Linux standalone install
For unattended installs:
Then run:
The first run prompts you to sign in with ChatGPT or use an API key.
npm install
As of this update, npm reports @openai/codex at 0.139.0.
Homebrew install
Windows install
Windows users can run Codex natively in PowerShell with the Windows sandbox. Use WSL2 when you specifically need Linux-native tooling.
GitHub release binaries
The openai/codex GitHub releases also publish platform binaries. In practice, most people should use the installer, npm, or Homebrew unless they have a reason to pin a binary manually.
How to update Codex CLI
For the standalone install, rerun the installer:
For npm:
For Homebrew:
Because Codex is moving quickly, I would verify the current version before copying old commands from any blog post, including this one:
Does Codex CLI support MCP?
Yes. Codex CLI has first-party MCP support in 2026. The official Codex docs include MCP configuration, and the CLI exposes MCP management commands through codex mcp.
Use MCP when Codex needs a stable tool boundary, for example:
- internal documentation search
- issue tracker reads
- local database inspection
- browser or design tooling
- deployment metadata
- repo-specific automation that should not be pasted into prompts
Do not use MCP as a way to hand the model unlimited access to every account you own. Treat each MCP server like a capability you are granting to a local agent. Keep scopes narrow, prefer read-only where possible, and document project-specific expectations in AGENTS.md.
A practical MCP workflow looks like this:
- Add only the server the repo needs.
- Run a read-only Codex audit first.
- Ask Codex to name which MCP tool calls it expects before mutation-heavy work.
- Keep secrets in the MCP server or environment, not in prompts.
- Remove or disable servers that are not needed for the project.
Commands worth knowing
1. Start with a read-only repository audit
If Codex cannot produce a useful read-only analysis, giving it write access is not the fix. Read-only is where trust starts.
2. Use codex exec for non-interactive runs
This is the right shape for CI summaries, cron-style reports, release-risk reviews, and bounded repo inspections.
3. Move to workspace writes only after the task is clear
Use this when the artifact and stop condition are obvious: one failing test, one page refresh, one docs pass, one small refactor.
4. Pipe logs into Codex when the input is the artifact
This is better than manually pasting logs into a chat window, especially when the report should become a repeatable workflow.
5. Keep automation outputs inspectable
If another process depends on the output, save the final message, inspect it, and verify the repo yourself before merging or deploying.
Sandbox and approval settings are not optional details
The most important Codex CLI habit is matching permissions to the task.
| Mode | Use it for | Why |
|---|---|---|
read-only | audits, reviews, logs, diagnosis | lowest-risk way to learn a repo |
workspace-write | bounded fixes inside the current repo | lets Codex edit without giving it the whole machine |
| broader bypass modes | disposable sandboxes or externally isolated environments | fast, but too dangerous as a default |
My default order is simple:
- Ask Codex to inspect first.
- Give it the smallest writable scope possible.
- Run the tests yourself.
- Inspect the diff yourself.
- Only then commit, push, or deploy.
Fast is useful. Fast and unverifiable is just expensive.
Use AGENTS.md for repo-specific rules
The current Codex docs include AGENTS.md as part of the operating model. That matters because coding agents need local context:
- package manager rules
- test commands
- repo layout
- coding conventions
- deployment constraints
- files the agent must not touch
- project-specific acceptance criteria
A good AGENTS.md is not a giant manifesto. It is the shortest durable note that prevents repeated agent mistakes.
Example:
Where Codex CLI is strongest
I would reach for Codex CLI when the work has a clear artifact and a clear stop condition:
- repository audits in read-only mode
- root-cause analysis for failing tests
- mechanical refactors across multiple files
- documentation generation from existing code
- PR review notes
- CI summaries and release-risk reports
- small implementation slices where tests already define success
The common theme is concrete context. Codex gets more useful when the repo, failure, plan, or expected output is inspectable.
Where Codex CLI is not enough
Codex can compress implementation. It cannot supply product judgment for you.
It does not replace:
- choosing the right customer problem
- narrowing scope
- deciding pricing or positioning
- talking to users
- owning deployment risk
- verifying the shipped page or app yourself
That is the part many AI coding posts skip. The tool can move faster than your judgment. Your workflow has to keep judgment in front.
A practical SaaS workflow
For a real SaaS repo, I would use Codex like this:
- Plan: run a read-only audit or ask for a plan with no file edits.
- Implement one slice: use
workspace-writefor one bug, one page, one component, or one test-backed refactor. - Verify independently: run the project’s tests, lint, type checks, and visual smoke checks when the change touches UI.
- Commit from your shell: inspect
git diff, then commit with a human-readable message. - Use PR checks as the deployment gate: do not treat Codex’s final message as proof that the app works.
That loop keeps Codex in the role where it is strongest: a fast implementation and review partner, not the final authority.
FAQ
Is Codex CLI available in 2026?
Yes. The openai/codex repo is active, the npm package is current, and the latest checked release while updating this page was 0.139.0 on June 9, 2026.
Does Codex CLI support MCP?
Yes. Codex has first-party MCP support, including official documentation and CLI management through codex mcp. Use MCP for narrow, trusted tool access rather than broad account-level access.
How do I install Codex CLI?
The current official macOS/Linux installer is:
You can also install with npm using npm install -g @openai/codex, with Homebrew using brew install --cask codex, with the Windows PowerShell installer, or with binaries from the latest GitHub release.
Where are the official Codex CLI docs?
The current Codex CLI docs live at developers.openai.com/codex/cli. Use the docs for setup, command-line options, sandbox and approval settings, automation, MCP configuration, AGENTS.md behavior, hooks, plugins, and managed administration details.
Should I use ChatGPT login or an API key?
For individual local use, ChatGPT sign-in is usually the lowest-friction path if your plan includes Codex. API keys make more sense for automation, CI-style environments, or setups where you explicitly want API billing and key-based access.
Should I run Codex with full access?
Not by default. Start with read-only, move to workspace-write when the task is bounded, and reserve broad bypass modes for disposable or externally sandboxed environments.
References and current docs
- openai/codex on GitHub for the current source repo, install options, releases, and README.
- OpenAI Codex CLI docs for current setup, command-line options, permissions, automation, and platform guidance.
- Codex CLI features for official feature coverage.
- Codex configuration docs for config basics, permissions, rules, hooks, AGENTS.md, MCP, plugins, and managed settings.
- Latest Codex GitHub release for the current release tag and changelog.
If you are using Codex to build a product
Pair this workflow with the rest of the system:
- How to Build Your First System Without Wasting Months
- How to Build an AI System MVP That People Will Actually Use
- Systems as a Service Implementation in 2026: A Practical Guide, Checklist, and Rollout Plan
Codex is most useful once you already know what good looks like. It can speed up the work, but you still own the product, the tests, the rollout, and the result.