by cexll
Codex CLI is a code analysis tool for structured command execution, brainstorming, and workflow automation with static c
β 151
GitHub stars
Connects Claude/MCP clients to OpenAI's Codex CLI for direct code analysis and automated refactoring. Handles large-scale file processing with chunked responses and safety controls.
Codex CLI is a community-built MCP server published by cexll that provides AI assistants with tools and capabilities via the Model Context Protocol. Codex CLI is a code analysis tool for structured command execution, brainstorming, and workflow automation with static c It is categorized under developer tools. This server exposes 8 tools that AI clients can invoke during conversations and coding sessions.
You can install Codex CLI in your AI client of choice. Use the install panel on this page to get one-click setup for Cursor, Claude Desktop, VS Code, and other MCP-compatible clients. This server runs locally on your machine via the stdio transport.
MIT
Codex CLI is released under the MIT license. This is a permissive open-source license, meaning you can freely use, modify, and distribute the software.
Add new capabilities to Claude beyond text generation
Example
Access external data sources, execute code, interact with tools and services
Transform Claude from chatbot to action-taking agent
Provide Claude with access to relevant context and data
Example
Load project documentation, access knowledge bases, query databases
Get more accurate, context-aware responses
Automate multi-step workflows combining AI and external tools
Example
Research β Summarize β Create document β Send notification
Complete complex tasks end-to-end without manual steps
Share your MCP server with the developer community
Strong directory entry: Codex CLI surfaces stars and publisher context so we could sanity-check maintenance before adopting.
Codex CLI is among the better-indexed MCP projects we tried; the explainx.ai summary tracks the official description.
According to our notes, Codex CLI benefits from clear Model Context Protocol framing β fewer ambiguous βAI pluginβ claims.
According to our notes, Codex CLI benefits from clear Model Context Protocol framing β fewer ambiguous βAI pluginβ claims.
Codex CLI is among the better-indexed MCP projects we tried; the explainx.ai summary tracks the official description.
Strong directory entry: Codex CLI surfaces stars and publisher context so we could sanity-check maintenance before adopting.
We wired Codex CLI into a staging workspace; the listingβs GitHub and npm pointers saved time versus hunting across READMEs.
Codex CLI is a well-scoped MCP server in the explainx.ai directory β install snippets and categories matched our Claude Code setup.
We evaluated Codex CLI against two servers with overlapping tools; this profile had the clearer scope statement.
I recommend Codex CLI for teams standardizing on MCP; the explainx.ai page compares cleanly with sibling servers.
showing 1-10 of 42
Codex MCP Tool is an openβsource Model Context Protocol (MCP) server that connects your IDE or AI assistant (Claude, Cursor, etc.) to the Codex CLI. It enables nonβinteractive automation with codex exec, safe sandboxed edits with approvals, and largeβscale code analysis via @ file references. Built for reliability and speed, it streams progress updates, supports structured change mode (OLD/NEW patch output), and integrates cleanly with standard MCP clients for code review, refactoring, documentation, and CI automation.
Latest Release (v1.2.4): Enhanced Windows compatibility - Now using cross-spawn for reliable npm global command execution across all platforms (Windows, macOS, Linux). See changelog
Goal: Use Codex directly from your MCP-enabled editor to analyze and edit code efficiently.
Before using this tool, ensure you have:
β Cross-Platform Support: Fully tested and working on Windows, macOS, and Linux (v1.2.4+)
claude mcp add codex-cli -- npx -y @cexll/codex-mcp-server
Type /mcp inside Claude Code to verify the Codex MCP is active.
If you already have it configured in Claude Desktop:
"codex-cli": {
"command": "npx",
"args": ["-y", "@cexll/codex-mcp-server"]
}
claude mcp add-from-claude-desktop
Register the MCP server with your MCP client:
Add this configuration to your Claude Desktop config file:
{
"mcpServers": {
"codex-cli": {
"command": "npx",
"args": ["-y", "@cexll/codex-mcp-server"]
}
}
}
If you installed globally, use this configuration instead:
{
"mcpServers": {
"codex-cli": {
"command": "codex-mcp"
}
}
}
Configuration File Locations:
~/Library/Application Support/Claude/claude_desktop_config.json%APPDATA%\Claude\claude_desktop_config.json~/.config/claude/claude_desktop_config.jsonAfter updating the configuration, restart your terminal session.
/codex-cli to access the MCP server tools.// Use the default gpt-5-codex model
'explain the architecture of @src/';
// Use gpt-5 for fast general purpose reasoning
'use codex with model gpt-5 to analyze @config.json';
// Use o3 for deep reasoning tasks
'use codex with model o3 to analyze complex algorithm in @algorithm.py';
// Use o4-mini for quick tasks
'use codex with model o4-mini to add comments to @utils.js';
// Use codex-1 for software engineering
'use codex with model codex-1 to refactor @legacy-code.js';
ask codex to analyze @src/main.ts and explain what it doesuse codex to summarize @. the current directoryanalyze @package.json and list dependenciesask codex to explain div centeringask codex about best practices for React development related to @src/components/Button.tsxbrainstorm ways to optimize our CI/CD pipeline using SCAMPER methoduse codex to brainstorm 10 innovative features for our app with feasibility analysisask codex to generate product ideas for the healthcare domain with design-thinking approachCodex CLI supports fine-grained control over permissions and approvals through sandbox modes and approval policies.
The sandbox Parameter (Convenience Flag):
sandbox: true β Enables fullAuto mode (equivalent to fullAuto: true)sandbox: false (default) β Does NOT disable sandboxing, just doesn't enable auto modesandbox parameter is a convenience flag, not a security controlGranular Control Parameters:
sandboxMode: Controls file system access levelapprovalPolicy: Controls when user approval is requiredfullAuto: Shorthand for sandboxMode: "workspace-write" + approvalPolicy: "on-failure"yolo: β οΈ Bypasses all safety checks (dangerous, not recommended)| Mode | Description | Use Case |
|---|---|---|
read-only | Analysis only, no file modifications | Code review, exploration, documentation reading |
workspace-write | Can modify files in workspace | Most development tasks, refactoring, bug fixes |
danger-full-access | Full system access including network | Advanced automation, CI/CD pipelines |
| Policy | Description | When to Use |
|---|---|---|
never | No approvals required | Fully trusted automation |
on-request | Ask before every action | Maximum control, manual review |
on-failure | Only ask when operations fail | Balanced automation (recommended) |
untrusted | Maximum paranoia mode | Untrusted code or high-risk changes |
Example 1: Balanced Automation (Recommended)
{
"approvalPolicy": "on-failure",
"sandboxMode": "workspace-write", // Auto-set if omitted in v1.2+
"model": "gpt-5-codex",
"prompt": "refactor @src/utils for better performance"
}
Example 2: Quick Automation (Convenience Mode)
{
"sandbox": true, // Equivalent to fullAuto: true
"model": "gpt-5-codex",
"prompt": "fix type errors in @src/"
}
Example 3: Read-Only Analysis
{
"sandboxMode": "read-only",
"model": "gpt-5-codex",
"prompt": "analyze @src/ and explain the architecture"
}
Starting from version 1.2.0, the server automatically applies intelligent defaults to prevent permission errors:
approvalPolicy is set but sandboxMode is not β auto-sets sandboxMode: "workspace-write"search: true or oss: true β auto-sets sandboxMode: "workspace-write" (for network access)--skip-git-repo-check to prevent errors in non-git environmentsIf you encounter β Permission Error: Operation blocked by sandbox policy:
Check 1: Verify sandboxMode
# Ensure you're not using read-only mode for write operations
{
"sandboxMode": "workspace-write", // Not "read-only"
"approvalPolicy": "on-failure"
}
Check 2: Use convenience flags
# Let the server handle defaults
{
"sandbox": true, // Simple automation
"prompt": "your task"
}
Check 3: Update to latest version
# v1.2+ includes smart defaults to prevent permission errors
npm install -g @cexll/codex-mcp-server@latest
Issue 1: MCP Tool Timeout Error
If you encounter timeout errors when using Codex MCP tools:
# Set the MCP tool timeout environment variable (in milliseconds)
export MCP_TOOL_TIMEOUT=36000000 # 10 hours
# For Windows (PowerShell):
$env:MCP_TOOL_TIMEOUT=36000000
# For Windows (CMD):
set MCP_TOOL_TIMEOUT=36000000
Add this to your shell profile (~/.bashrc, ~/.zshrc, or PowerShell profile) to make it permanent.
Issue 2: Codex Cannot Write Files
If Codex responds with permission errors like "Operation blocked by sandbox policy" or "rejected by user approval settings", configure your Codex CLI settings:
Create or edit ~/.codex/config.toml:
# Dynamically generated Codex configuration
model = "gpt-5-codex"
model_reasoning_effort = "high"
model_reasoning_summary = "detailed"
approval_policy = "never"
sandbox_mode = "danger-full-access"
disable_response_storage = true
network_access = true
β οΈ Security Warning: The danger-full-access mode grants Codex full file system access. Only use this configuration in trusted environments and for tasks you fully understand.
Configuration File Locations:
~/.codex/config.toml%USERPROFILE%\.codex\config.tomlAfter updating the configuration, restart your MCP client (Claude Desktop, Claude Code, etc.).
Prerequisites
Time Estimate
15-60 minutes depending on server complexity
Steps
Troubleshooting
β Do
β Don't
π‘ Pro Tips
Architecture
Model Context Protocol standardizes how AI hosts (Claude, Cursor) communicate with external tools and data sources through server implementations.
Protocols
Compatibility
β Use when
Use when you need Claude to access external data, execute actions, or integrate with tools. Best for extending AI capabilities beyond conversation.
β Avoid when
Avoid when native integrations exist (use official APIs directly), for real-time critical systems, or when security/compliance requires zero external dependencies.