ECC for Codex CLI

This supplements the root AGENTS.md with Codex-specific guidance.

Model Recommendations

Task Type	Recommended Model
Routine coding, tests, formatting	o4-mini
Complex features, architecture	o3
Debugging, refactoring	o4-mini
Security review	o3

Skills Discovery

Skills are auto-loaded from .agents/skills/. Each skill contains:

SKILL.md — Detailed instructions and workflow
agents/openai.yaml — Codex interface metadata

Available skills:

tdd-workflow — Test-driven development with 80%+ coverage
security-review — Comprehensive security checklist
coding-standards — Universal coding standards
frontend-patterns — React/Next.js patterns
frontend-slides — Viewport-safe HTML presentations and PPTX-to-web conversion
backend-patterns — API design, database, caching
e2e-testing — Playwright E2E tests
eval-harness — Eval-driven development
strategic-compact — Context management
api-design — REST API design patterns
verification-loop — Build, test, lint, typecheck, security

MCP Servers

Configure in ~/.codex/config.toml under [mcp_servers]. See .codex/config.toml for reference configuration with GitHub, Context7, Memory, and Sequential Thinking servers.

Key Differences from Claude Code

Feature	Claude Code	Codex CLI
Hooks	8+ event types	Not yet supported
Context file	CLAUDE.md + AGENTS.md	AGENTS.md only
Skills	Skills loaded via plugin	`.agents/skills/` directory
Commands	`/slash` commands	Instruction-based
Agents	Subagent Task tool	Single agent model
Security	Hook-based enforcement	Instruction + sandbox
MCP	Full support	Command-based only

Security Without Hooks

Since Codex lacks hooks, security enforcement is instruction-based:

Always validate inputs at system boundaries
Never hardcode secrets — use environment variables
Run npm audit / pip audit before committing
Review git diff before every push
Use sandbox_mode = "workspace-write" in config

2.1 KiB Raw Blame History