Back to Research

Codex CLI 0.124.0: tighter loops

Codex CLI 0.124.0 tightens AGENTS.md, hooks, MCP, Bedrock, and reviewable CLI workflows.

Editorial illustration for Codex CLI 0.124.0: tighter loops. Codex CLI 0.124.0 tightens AGENTS.md, hooks, MCP, Bedrock, and reviewable CLI workflows.
Rogier MullerMay 3, 20264 min read

The situation

Codex CLI 0.124.0 is a workflow release. The changelog points to a tighter loop: adjust reasoning in the TUI, pick the right workspace or environment per turn, and keep verification and review close to the work.

That matters for teams using Codex on real repositories. The main questions are usually whether it touched the right files, followed repo instructions, and left a diff that is easy to review. This release leans into those concerns with changes around AGENTS.md, hooks, MCP, and remote sessions.

It also broadens where Codex can fit in a production setup. Amazon Bedrock support for OpenAI-compatible providers, plus more reliable remote plugin marketplace reads, makes it easier to connect Codex to existing infrastructure without treating the CLI as a one-off tool.

If you are tracking Codex CLI workflows, this release is best read as a governance update: more control at the prompt, clearer config boundaries, and fewer hidden defaults.

Walkthrough

Start with the repo instruction chain. Codex reads AGENTS.md, so put durable repo rules in the nearest applicable file and use nested files for local exceptions. If you need a temporary override, keep it explicit and short-lived in AGENTS.override.md.

---
name: repo-guidelines
description: Follow repo layout, test, and review rules before editing code.
---

- Prefer small diffs that can be reviewed in one pass.
- Run the project’s verification command before asking for review.
- Do not change deployment config unless the task explicitly requires it.

Use the new TUI reasoning controls when the task changes shape. The release adds quick controls to lower or raise reasoning, and accepted model upgrades now reset reasoning to the new model default instead of carrying over old settings. That helps when you switch from a broad refactor to a narrow fix.

Treat multi-environment app-server sessions as a routing tool. The changelog says sessions can manage multiple environments and choose an environment and working directory per turn. That means the target workspace should be explicit in the turn that needs it, especially when you move between local, remote, or multi-repo setups.

Put verification in the loop, not after it. A Codex CLI workflow should end with a reviewable diff and a concrete check: tests, lint, or a targeted script. Ask for a minimal change, then run the smallest verification command that proves the change did what you expected.

Use hooks for deterministic checks and MCP for external reach. Hooks are now stable and can be configured inline in config.toml and managed through requirements.toml; they can observe MCP tools, apply_patch, and long-running Bash sessions. Keep the connector boundary narrow and review permissions before you let a tool reach outside the repo.

# config.toml
[hooks]
pre_tool = ["scripts/check-paths.sh"]
post_patch = ["scripts/run-targeted-tests.sh"]

[mcp]
allowed_servers = ["docs", "issues"]

If your team uses OpenAI-compatible infrastructure, test the new Bedrock path deliberately. The changelog calls out AWS SigV4 signing and AWS credential-based auth. Verify the auth chain, the provider endpoint, and the failure mode before you rely on it in a shared environment.

Keep a short review checklist beside the repo. A useful one for this release is: did the agent read the right AGENTS.md, did the diff stay inside the intended workspace, did verification run, did any MCP access stay within approved scope, and did hooks fire as expected? That is the minimum bar for trusting agent-authored work in a production codebase.

This release rewards a stronger Review step. Before merging, check the diff, the instruction chain, and the connector scope together rather than treating them as separate checks. That is the habit we mean in our methodology.

Tradeoffs and limits

The new controls help, but they do not replace task scoping. Reasoning controls will not fix a vague prompt.

Multi-environment sessions also create a new failure mode: the agent can be pointed at the wrong workspace with more confidence than before. Explicit environment selection is safer than relying on ambient shell state.

Hooks are useful because they are deterministic, but they can block work or create false confidence if they are too broad. Keep them narrow, observable, and tied to a specific policy or verification step.

MCP remains the highest-risk boundary in the workflow because it connects the agent to external systems. Review permissions, least privilege, and approval behavior before you let a connector touch production data or privileged tools.

Bedrock support is a path, not a guarantee. Teams still need to validate auth, latency, and provider-specific behavior in their own environment.

Further reading

Related training topics

Related research

Editorial illustration for Codex GPT-5.5 and browser checks. GPT-5.5, in-app browser use, and auto-reviewed approvals in Codex. What changed and how to tighten

Codex GPT-5.5 and browser checks

GPT-5.5, in-app browser use, and auto-reviewed approvals in Codex. What changed and how to tighten the loop.

Editorial illustration for Guardrails for agentic coding. The answer is usually not to pick one tool.

Guardrails for agentic coding

Standardize repo rules, review checks, and connector boundaries across coding tools.

Editorial illustration for Codex CLI 0.128.0: workflows that hold up. Codex CLI 0.128.0 is a workflow release.

Codex CLI 0.128.0: workflows that hold up

Codex CLI 0.128.0 tightens AGENTS.md, resume loops, permissions, plugins, and reviewable diffs.

Ready to start?

Transform how your team builds software.

Get in touch