Codex CLI 0.135.0 workflow
A Codex CLI guide for how to install codex cli, AGENTS.md, MCP, and reviewable verification loops.

A good Codex CLI workflow is three things kept in sync: the install your team standardizes on, the instructions the agent reads, and the verification loop that proves the diff. Codex CLI, OpenAI's coding agent, runs in your terminal and edits real files, so the win comes from the loop around it, not the install. A verification loop is the cycle of edit, run the smallest meaningful test, inspect the diff, then rerun the check that proves what you changed.
Most teams lose time before any of that. Setup drifts between machines, instructions live in someone's head, and pull requests arrive fast but hard to review. The good news: each of those is fixable with a small habit, and the habits stack.
Install Codex CLI, then verify what it will read
The install is the easy part. Pin a version so everyone runs the same thing, in this case Codex CLI 0.135.0, and write it down somewhere your teammates will actually look.
Before you point Codex at production code, check what instructions it will pick up. Open the repo's AGENTS.md, look for nested or override files in the area you'll work in, and decide on the approval mode and sandbox boundary you want. That five-minute pass cuts down surprise edits and confused reviews later.
The Codex quickstart and CLI docs cover the commands. They will not tell you your repo's rules, so that part is on you.
Keep AGENTS.md as the single source of scope
Instruction drift is the quiet failure. A repo with a backend, a frontend, and a migration path cannot run on one root file and a hopeful prompt.
Use AGENTS.md for the durable rules every task should follow. Then put nested files or temporary overrides where the work actually lives, so the agent reads local scope instead of guessing at team norms. Codex resolves these from the directory it runs in, which means the rules your reviewers expect and the rules the agent follows are the same text.
When a reviewer and the agent disagree about scope, the fix is usually a missing line in AGENTS.md, not a smarter prompt.
Run a verification loop, not a single edit
Verification gets skipped when the task is vague. If the prompt ends at "make the change," you get code that compiles in the agent's head and breaks in yours.
So make the loop explicit. Edit, run the narrowest test that touches the change, read the diff yourself, then rerun the check that proves the behavior. Codex CLI is built for this headless, scriptable style, so use it that way. The rule that keeps reviews honest is short: no verification, no merge.
Here is a checklist you can paste into a repo and use on the first pass after install.
# Codex CLI operational checklist
- [ ] Install Codex CLI and confirm the version your team will standardize on.
- [ ] Read the repo’s `AGENTS.md` before the first task.
- [ ] Check for nested `AGENTS.md` or `AGENTS.override.md` files in the work area.
- [ ] Confirm the approval mode and sandbox boundary for this repo.
- [ ] Write the task in one sentence with the expected files and behavior.
- [ ] Ask Codex for the smallest reviewable diff.
- [ ] Run the repo’s narrowest useful test or check.
- [ ] Inspect the patch for scope creep, missing tests, and unsafe connector use.
- [ ] If MCP is involved, verify the connector boundary note before merge.
- [ ] Only then hand the diff to review.
Treat MCP connectors as a boundary, not a feature
Once Codex can reach GitHub, Slack, or a database through MCP, the question stops being "can it connect?" and becomes "should it connect this way?" MCP is the protocol that lets the agent talk to outside tools, and every connector you add widens what a single run can touch.
Write down which connectors are allowed, what data they may read or write, and what needs a human before it runs. The Model Context Protocol specification is the right place to confirm the shape of that boundary.
Not every repo needs MCP on day one. If the team cannot explain the boundary in a sentence, the connector is too early. Keep it small until the loop is stable.
Common questions
-
How do I install Codex CLI? Follow the official Codex CLI docs for your platform, then confirm the version with the team. Standardizing on one version, such as 0.135.0, keeps behavior consistent across machines. Installing is quick; the part that pays off is verifying the repo's
AGENTS.mdand approval mode before the first real task. -
What is AGENTS.md and where does it go?
AGENTS.mdis a plain markdown file of instructions Codex reads before working in a repo. Put the durable, repo-wide rules in the root file, then add nestedAGENTS.mdfiles inside subfolders that need their own scope. The agent resolves the closest file to where it works, so local rules win. -
Do I need MCP to use Codex CLI? No. Codex CLI edits files and runs commands without any MCP connectors at all. Add MCP only when the agent genuinely needs an outside service like GitHub or a database, and write down the boundary first. Starting without connectors keeps each run easy to reason about and easy to review.
-
Why does my fast Codex run still get rejected in review? Usually because the diff is large, untested, or wanders past the task. Ask Codex for the smallest change that answers the request, run the narrowest test that touches it, and read the patch before anyone else does. A reviewable diff with a passing check moves through review far faster than a big, magical one.
Take the loop into one repo
A workflow that is easy to review feels slower on day one and faster by the fourth task. Drop the checklist into a single repo with your real AGENTS.md, and if you want the broader path, start at Codex CLI workflows.
Further reading
Related training topics
Related research

Codex CLI, Appshots, and Goal Mode
A practical Codex CLI comparison for codex cli vs claude code, with AGENTS.md, MCP, and verification loops.

Is Codex CLI giving MCP more reach than reviewers expect?
An operational memo for Codex CLI 0.129.0: MCP boundaries, connector owners, allowed actions, AGENTS.md instructions, and reviewable diffs.

Codex CLI 0.132.0: workflows and integrations
Codex CLI 0.132.0 tightens AGENTS.md, MCP, and verification loops for reviewable diffs.