Agent-Ex

OpenAI Codex

CLIIDE extensionappweb
OpenAI Codex is strongest on nested filesystem scoping and policy-enforced local clients. AGENTS.md walks from global scope down to CWD with override files at each level; requirements.toml provides admin-enforced controls that users cannot override. Skills are the authoring format with six scope tiers; plugins are the installable distribution unit with three marketplace tiers.

AGENTS.md Instructions

Instructions
Vendor Terms AGENTS.md, AGENTS.override.md, custom instructions, agents.md standard
Interfaces CLI, IDE extension, app
Scopes
User / HomeProject / Repo RootSubdirectory / Folder
Availability current (explicit)
Trust Model Contextual guidance loaded at run start; more specific files override by concatenation order
Notes Discovery chain walks from global (~/.codex) to CWD checking override then standard per directory; combined size capped at 32 KiB; links to official agents.md cross-vendor standard
Customization ↗AGENTS.md guide ↗

Memories

Instructions
Vendor Terms memories, learned context
Interfaces CLI, IDE extension, app
Scopes
User / Home
Availability current (explicit)
Trust Model Persistent learned context, not user-authored instructions; background processing after threads go idle
Notes Off by default; not available in EEA/UK/Switzerland; agent-learned context carried forward from prior sessions with secret redaction
Memories ↗

Skills

Skills
Vendor Terms agent skills, SKILL.md, .agents/skills
Interfaces CLI, IDE extension, app
Scopes
Subdirectory / FolderProject / Repo RootUser / HomeMachine / Admin
Availability current (explicit)
Trust Model Reusable workflows loaded progressively; skills are the authoring format, plugins are the distribution unit
Notes Six scope tiers from repo to system-bundled; explicit ($-mention) and implicit (auto-matched) invocation; based on open Agent Skills standard (agentskills.io); distributable via plugins
Agent Skills ↗Plugins ↗

Custom Prompts (deprecated)

Prompts
Vendor Terms custom prompts, slash commands
Interfaces CLI, IDE extension
Scopes
User / Home
Availability deprecated (explicit)
Trust Model User-local reusable prompt templates with argument placeholders; not shared through repositories
Notes Deprecated in favor of skills; Markdown files in ~/.codex/prompts/ invoked as /prompts:name
Custom Prompts ↗

MCP Servers

MCP & Tools
Vendor Terms MCP servers, OAuth authentication
Interfaces CLI, IDE extension, app
Scopes
User / HomeProject / Repo Root
Availability current (explicit)
Trust Model Destructive tool calls always require approval; enterprise allowlist enforces name + identity matching
Notes STDIO and streamable HTTP transports; OAuth via codex mcp login; per-server tool filtering and timeouts; enterprise allowlist via requirements.toml
MCP ↗Agent approvals and security ↗

Subagents

Agents
Vendor Terms subagents, custom agents, agent threads
Interfaces app, CLI
Scopes
User / HomeProject / Repo RootCloud / Web Session
Availability current (explicit)
Trust Model Isolated workers that inherit parent sandbox policy; approval requests surface from inactive threads
Notes Three built-in agents (default, worker, explorer); custom agents as TOML files at user or project scope; max 6 concurrent threads, nesting depth of 1
Subagents ↗Subagent concepts ↗

Hooks

Hooks
Vendor Terms hooks, hook events
Interfaces CLI, IDE extension
Scopes
User / HomeProject / Repo Root
Availability experimental (explicit)
Trust Model Deterministic scripts that run on lifecycle events; PreToolUse can deny commands but enforcement is incomplete
Notes Behind feature flag; 5 hook events; PreToolUse/PostToolUse only intercept Bash tool calls; multiple hooks run concurrently
Hooks ↗

Plugins

Plugins & Distribution
Vendor Terms plugins, marketplace, plugin manifest
Interfaces app, CLI, IDE extension
Scopes
Project / Repo RootUser / Home
Availability current (explicit)
Trust Model Packaging layer for reuse; existing approval settings apply; marketplace policy fields control install behavior
Notes Bundles skills, app integrations, and MCP servers; three marketplace tiers (official, repo-scoped, personal); built-in $plugin-creator for scaffolding
Plugins ↗Build plugins ↗

Configuration, Rules, and Requirements

Settings & Policy
Vendor Terms config.toml, requirements.toml, managed configuration, rules, profiles
Interfaces CLI, IDE extension, app, web
Scopes
User / HomeProject / Repo RootSubdirectory / FolderMachine / AdminCloud / Web SessionOrganization / Enterprise
Availability current (explicit)
Trust Model Admin-enforced requirements cannot be overridden; OS-level sandbox (macOS Seatbelt, Linux bwrap+seccomp)
Notes Requirements are admin-enforced and cannot be overridden; cloud-managed requirements for Business/Enterprise; rules (experimental) use Starlark-based prefix_rule; 4-level feature maturity taxonomy
Config basics ↗Configuration reference ↗Managed configuration ↗
Data last updated 2026-04-19 · Auto-generated from upstream docs and may be inaccurate · Source on GitHub