Autonomous Codex
Use the project launcher to run Codex with the azi4a2-autonomous permission
profile:
./codex-auto
For a non-interactive task:
./codex-auto exec "Continue the Astro migration, verify the build and audits, and document unresolved issues."
The launcher automatically permits non-interactive runs in this mounted workspace even when Codex cannot discover its Git metadata.
The profile:
- never pauses for approval
- limits filesystem access to minimal runtime files plus this project
- allows writes in this project
- keeps .codex and www.azinstitute4autism.com read-only
- permits normal Git operations, including staging and committing
- enables live web search and outbound network retrievals
Outbound network access is domain-unrestricted because package installation and retrieval sources vary. The sandbox cannot distinguish a retrieval from another outbound request, so do not place secrets in project files or task prompts.
The profile is stored outside the workspace at:
~/.codex/azi4a2-autonomous.config.toml
Do not add --sandbox; legacy sandbox flags override the custom permission
profile. Do not use --dangerously-bypass-approvals-and-sandbox.
Verification
The nested setup smoke test confirmed that the project is readable and
~/.codex/auth.json is not readable. In the current host session, sandboxed
shell retrievals resolved domains but were reset by the beta network proxy.
After launching ./codex-auto directly, verify shell retrievals with:
curl -fsS https://registry.npmjs.org/astro >/dev/null
Live web search is separate from shell network access and remains enabled.
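The checks from this section as one script, run inside a ./codex-auto session. This is an added example, not part of the project's own tooling: it attempts real reads and writes instead of trusting permission bits. It assumes .codex and www.azinstitute4autism.com sit at the project root; the script name verify-profile.sh, the --check flag and the function names are this example's own.

```shell
#!/bin/sh
# Added example (not project code). Assumption: the two read-only paths
# live directly under the project root passed as PROJECT_DIR.

# can_read TARGET: succeeds only if TARGET can actually be opened or listed.
can_read() {
    if [ -d "$1" ]; then ls "$1" >/dev/null 2>&1
    else cat "$1" >/dev/null 2>&1; fi
}

# can_write DIR: succeeds only if a probe file can be created in DIR.
can_write() {
    probe="$1/.sandbox-probe.$$"
    touch "$probe" 2>/dev/null || return 1
    rm -f "$probe"
}

# expect WANT CHECK TARGET: compare CHECK's result with WANT (yes/no).
expect() {
    if "$2" "$3"; then got=yes; else got=no; fi
    if [ "$got" = "$1" ]; then
        echo "ok    $2 $3 -> $got"
    else
        echo "FAIL  $2 $3 -> $got (want $1)"
        FAILED=$((FAILED + 1))
    fi
}

# verify_profile PROJECT_DIR CODEX_HOME: exit status = number of violations.
verify_profile() {
    FAILED=0
    expect yes can_read  "$1"
    expect yes can_write "$1"
    for ro in "$1/.codex" "$1/www.azinstitute4autism.com"; do
        expect yes can_read  "$ro"   # must exist and be readable...
        expect no  can_write "$ro"   # ...but reject new files
    done
    expect no can_read "$2/auth.json"  # credentials must stay out of reach
    return "$FAILED"
}

# Runs only when invoked as: sh verify-profile.sh --check "$PWD"
if [ "${1:-}" = "--check" ]; then
    verify_profile "$2" "${3:-$HOME/.codex}"
    status=$?
    curl -fsS https://registry.npmjs.org/astro >/dev/null || status=$((status + 1))
    exit "$status"
fi
```

A missing .codex or www.azinstitute4autism.com directory is reported as a failure, so a mistyped project path cannot pass as "read-only".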