Codex Skill Guide

To perform deep code analysis, refactoring, or automated editing, run Codex CLI with model and reasoning effort specified.

Models Available:

• gpt-5-codex - Purpose-built for agentic coding, trained on real-world engineering tasks (recommended)
• gpt-5 - General-purpose model

Reasoning Effort:

• high - Complex multi-file tasks
• medium - Default for most tasks
• low - Simple queries

Sandbox Modes:

• read-only - Analysis, code review, documentation (default, safest)
• workspace-write - File edits, refactoring (use with --full-auto)
• danger-full-access - Network access, external commands (requires explicit permission)

Always ask user which model and reasoning effort to use via AskUserQuestion in a single prompt with two questions. Default recommendation: gpt-5-codex with medium reasoning.

Running a Task

1. Ask the user (via AskUserQuestion) which model to run (gpt-5-codex or gpt-5) AND which reasoning effort to use (high, medium, or low) in a single prompt with two questions.
2. Select the sandbox mode required for the task; default to --sandbox read-only unless edits or network access are necessary.
3. Assemble the command with the appropriate options:
   • -m, --model <MODEL>
   • --config model_reasoning_effort="<high|medium|low>"
   • --sandbox <read-only|workspace-write|danger-full-access>
   • --full-auto
   • -C, --cd <DIR>
   • --skip-git-repo-check
4. Always use --skip-git-repo-check.
5. When continuing a previous session, use codex exec --skip-git-repo-check resume --last via stdin. When resuming don't use any configuration flags unless explicitly requested by the user e.g. if they specify the model or the reasoning effort when requesting to resume a session. Resume syntax: echo "your prompt here" | codex exec --skip-git-repo-check resume --last 2>/dev/null. All flags have to be inserted between exec and resume.
6. IMPORTANT: By default, append 2>/dev/null to all codex exec commands to suppress thinking tokens (stderr). Only show stderr if the user explicitly requests to see thinking tokens or if debugging is needed.
7. Run the command, capture stdout/stderr (filtered as appropriate), and summarize the outcome for the user.
8. After Codex completes, inform the user: "You can resume this Codex session at any time by saying 'codex resume' or asking me to continue with additional analysis or changes."

Proactively use these flags

Use this to point the agent to a specific directory, usually where the code lives

  -C, --cd <DIR>
        Tell the agent to use the specified directory as its working root

Use this along with the --cd flag to add in additional directories for the agent to use for context to the code.

--add-dir <DIR>
    Additional directories that should be writable alongside the primary workspace

Quick Reference

Example: Multi-File Refactoring

Scenario: Refactor authentication module across multiple files

# Step 1: Initial analysis (read-only)
codex exec -m gpt-5-codex --config model_reasoning_effort="medium" \
  --sandbox read-only --skip-git-repo-check \
  "Analyze the authentication module and identify refactoring opportunities" 2>/dev/null

# Step 2: Apply refactoring (after user approval)
codex exec -m gpt-5-codex --config model_reasoning_effort="medium" \
  --sandbox workspace-write --full-auto --skip-git-repo-check \
  "Refactor authentication module to use JWT tokens consistently across all files" 2>/dev/null

# Step 3: Resume for follow-up changes
echo "Add rate limiting to auth endpoints" | codex exec --skip-git-repo-check resume --last 2>/dev/null

Example: Code Review with Image Context

Scenario: Debug issue with screenshot of error

# Analyze error with visual context
codex exec -m gpt-5-codex --config model_reasoning_effort="high" \
  --sandbox read-only --skip-git-repo-check \
  -i error-screenshot.png \
  "Explain this error and identify the root cause in the codebase" 2>/dev/null

Common Pitfall

❌ Don't add configuration flags when resuming - they're inherited from original session ✅ Do use clean resume syntax: echo "prompt" | codex exec --skip-git-repo-check resume --last 2>/dev/null

Best Practices

• Prompt optimization: Keep prompts minimal and direct - GPT-5-Codex prefers clarity without verbose instructions
• Sandbox selection: Start with read-only for analysis, escalate to workspace-write only after user approval
• Resume sessions: Use resume for follow-ups to preserve context and settings
• Suppress thinking tokens: Always append 2>/dev/null unless debugging
• Working directory: Use -C <DIR> to target specific directories without changing current location
• Session management: Sessions expire after 1 hour of inactivity

When to Use Codex vs Gemini

Use Codex for:

• Deep code refactoring across multiple files
• Architectural changes requiring codebase understanding
• Complex backend logic and algorithms
• Generating comprehensive test suites

Use Gemini for:

• Visual analysis (screenshots, UI, wireframes)
• Web research (package docs, best practices)
• Frontend testing (compilation, visual regression)
• Multi-modal tasks (images, PDFs, audio, video)

Following Up

• After every codex command, immediately use AskUserQuestion to confirm next steps, collect clarifications, or decide whether to resume with codex exec resume --last.
• When resuming, pipe the new prompt via stdin: echo "new prompt" | codex exec --skip-git-repo-check resume --last 2>/dev/null. The resumed session automatically uses the same model, reasoning effort, and sandbox mode from the original session.
• Restate the chosen model, reasoning effort, and sandbox mode when proposing follow-up actions.

Error Handling

• Stop and report failures whenever codex --version or a codex exec command exits non-zero; request direction before retrying.
• Before you use high-impact flags (--full-auto, --sandbox danger-full-access, --skip-git-repo-check) ask the user for permission using AskUserQuestion unless it was already given.
• When output includes warnings or partial results, summarize them and ask how to adjust using AskUserQuestion.