docs/adapters/codex-local.md
The codex_local adapter runs OpenAI's Codex CLI locally. It supports session persistence via previous_response_id chaining and skills injection through the global Codex skills directory.
codex command available)OPENAI_API_KEY set in the environment or agent config| Field | Type | Required | Description |
|---|---|---|---|
cwd | string | Yes | Working directory for the agent process (absolute path; created automatically if missing when permissions allow) |
model | string | No | Model to use |
promptTemplate | string | No | Prompt used for all runs |
env | object | No | Environment variables (supports secret refs) |
timeoutSec | number | No | Process timeout (0 = no timeout) |
graceSec | number | No | Grace period before force-kill |
fastMode | boolean | No | Enables Codex Fast mode. Currently supported on gpt-5.4 only and burns credits faster |
dangerouslyBypassApprovalsAndSandbox | boolean | No | Skip safety checks (dev only) |
Codex uses previous_response_id for session continuity. The adapter serializes and restores this across heartbeats, allowing the agent to maintain conversation context.
The adapter symlinks Paperclip skills into the global Codex skills directory (~/.codex/skills). Existing user skills are not overwritten.
When fastMode is enabled, Paperclip adds Codex config overrides equivalent to:
-c 'service_tier="fast"' -c 'features.fast_mode=true'
Paperclip currently applies that only when the selected model is gpt-5.4. On other models, the toggle is preserved in config but ignored at execution time to avoid unsupported runs.
CODEX_HOMEWhen Paperclip is running inside a managed worktree instance (PAPERCLIP_IN_WORKTREE=true), the adapter instead uses a worktree-isolated CODEX_HOME under the Paperclip instance so Codex skills, sessions, logs, and other runtime state do not leak across checkouts. It seeds that isolated home from the user's main Codex home for shared auth/config continuity.
For codex_local agents the server isolation guard pins each agent to a per-agent home (<instance>/companies/<companyId>/agents/<agentId>/codex-home) and sets OPENAI_API_KEY="" so an agent can never spend against the host API key or share another agent's Codex state.
A managed home is created empty, so the adapter must provision auth into it before launching Codex — otherwise the agent runs with zero credentials and the provider returns 401 Missing bearer. The seeding contract:
CODEX_HOME under the company tree) are always seeded: the ChatGPT-subscription auth.json is symlinked from the host Codex home, or, when a per-agent OPENAI_API_KEY is configured, an API-key auth.json is written instead.CODEX_HOME outside the Paperclip-managed company tree) are treated as self-managed and are never seeded or overwritten.auth.json and no configured API key, the run fails with an explicit adapter_failed ("no Codex credentials provisioned for managed home …") rather than emitting an unauthenticated request.For manual local CLI usage outside heartbeat runs (for example running as codexcoder directly), use:
pnpm paperclipai agent local-cli codexcoder --company-id <company-id>
This installs any missing skills, creates an agent API key, and prints shell exports to run as that agent.
If instructionsFilePath is configured, Paperclip reads that file and prepends it to the stdin prompt sent to codex exec on every run.
This is separate from any workspace-level instruction discovery that Codex itself performs in the run cwd. Paperclip does not disable Codex-native repo instruction files, so a repo-local AGENTS.md may still be loaded by Codex in addition to the Paperclip-managed agent instructions.
The environment test checks:
OPENAI_API_KEY presence)codex exec --json - with prompt Respond with hello.) to verify the CLI can actually run