
How to Use OpenAI Codex More Efficiently: Best Practices & Tips

I spent my first month with OpenAI Codex treating it like a fancy chatbot. I’d ask questions, get answers, and manually copy code into my editor. It worked, but I knew I was missing something. After digging into the documentation and experimenting, I found that Codex has powerful features that most developers never use.

If you’ve been using Codex for a while and want to get more done with less effort, here’s what I learned.

The Problem: Treating Codex Like Basic Chat

Many developers use Codex the same way they use ChatGPT. They open it, type a question, and copy the response. This works, but it ignores the tool’s real capabilities:

  • No persistent configuration - You re-explain your project every session
  • No automation - You manually run commands Codex suggests
  • No safety controls - You accept whatever changes Codex proposes
  • No custom workflows - You repeat the same instructions over and over

The fix is to treat Codex as a development environment, not just a chat interface.

1. Set Up Configuration Files

Codex reads configuration from a CODEX.md file in your project root. This file tells Codex about your project, coding standards, and preferences.

Here’s a basic configuration:

CODEX.md
# Project Overview
This is a Node.js API with Express and PostgreSQL.
## Tech Stack
- Node.js 20
- Express 4.x
- PostgreSQL 15
- Jest for testing
## Coding Standards
- Use const/let, never var
- Prefer arrow functions
- All functions need JSDoc comments
- Error handling with try/catch
## File Structure
- /src/routes - API endpoints
- /src/services - Business logic
- /src/models - Database models
- /tests - Test files

With this file in place, Codex understands your project context without you explaining it every time.

You can also add a global ~/.codex/config.json for settings that apply across all projects:

~/.codex/config.json
{
  "model": "gpt-4",
  "temperature": 0.7,
  "maxTokens": 4096,
  "autoSave": true,
  "formatOnSave": true
}

2. Learn the Useful CLI Flags

Codex has several CLI flags that change how it behaves. I use these regularly:

Non-interactive mode - Run Codex without the chat interface:

Terminal window
codex --non-interactive "Add input validation to the login endpoint"

This outputs the result directly to your terminal and exits. Great for scripts and CI/CD pipelines.

Specify a different model:

Terminal window
codex --model gpt-4-turbo "Explain this regex pattern"

Set temperature for creativity vs consistency:

Terminal window
codex --temperature 0.2 "Refactor this function" # More consistent
codex --temperature 0.8 "Suggest feature ideas" # More creative

Include specific files as context:

Terminal window
codex --files src/auth.js,src/config.js "Add rate limiting to auth"

Output to a file instead of terminal:

Terminal window
codex --output changes.patch "Generate a patch for the bug fix"

3. Use Exec Mode for Automation

Exec mode lets Codex run commands on your system. This is where Codex shifts from “helpful assistant” to “actual pair programmer.”

Enable it with the --exec flag:

Terminal window
codex --exec "Run the tests and fix any failures"

Codex will:

  1. Run your test command
  2. Read the failures
  3. Edit the code
  4. Re-run tests
  5. Repeat until tests pass

You can also allow specific commands in your config:

~/.codex/config.json
{
  "allowedCommands": [
    "npm test",
    "npm run lint",
    "npm run build",
    "git diff"
  ]
}

This gives Codex controlled access without full system permissions.

4. Configure Sandbox Policies

Sandbox policies control what Codex can and cannot do. This matters when you give Codex write access to your codebase.

Create a sandbox policy file:

.codex/sandbox.json
{
  "read": [
    "src/**",
    "tests/**",
    "package.json",
    "README.md"
  ],
  "write": [
    "src/**",
    "tests/**"
  ],
  "deny": [
    ".env",
    ".env.*",
    "credentials/**",
    "*.key",
    "*.pem"
  ],
  "commands": {
    "allow": ["npm", "node", "git"],
    "deny": ["rm -rf", "sudo", "chmod"]
  }
}

This configuration:

  • Lets Codex read source code and tests
  • Lets Codex write to source and test directories
  • Blocks access to environment files and credentials
  • Allows npm, node, and git commands
  • Blocks destructive commands

Always review sandbox policies before giving Codex access to important projects.
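
One way to check what a policy like this permits before relying on it, as an added example that is not from the original post and is not Codex's own enforcement code. It covers both the file rules and the command rules (the same default-deny idea as the allowed-commands list in section 3); the function names, the glob semantics, deny taking precedence over allow, and slash-less deny patterns matching a file name at any depth are all assumptions.

```python
import json
import posixpath
import re
import shlex

# Constructed copy of the .codex/sandbox.json shown above.
POLICY = json.loads("""{
  "read":  ["src/**", "tests/**", "package.json", "README.md"],
  "write": ["src/**", "tests/**"],
  "deny":  [".env", ".env.*", "credentials/**", "*.key", "*.pem"],
  "commands": {"allow": ["npm", "node", "git"],
               "deny":  ["rm -rf", "sudo", "chmod"]}
}""")

def glob_to_regex(pattern):
    """Assumed semantics: '**' may cross '/', a single '*' stays inside one path segment."""
    parts = re.split(r"(\*\*|\*)", pattern)
    table = {"**": ".*", "*": "[^/]*"}
    return re.compile("".join(table.get(p, re.escape(p)) for p in parts) + r"\Z")

def matches(path, patterns, any_depth=False):
    """any_depth (assumption): a pattern without '/' is tested against the file name alone."""
    name = posixpath.basename(path)
    return any(glob_to_regex(p).match(name if any_depth and "/" not in p else path)
               for p in patterns)

def path_allowed(path, mode, policy=POLICY):
    """mode is 'read' or 'write'. Deny wins; anything not listed is refused."""
    norm = posixpath.normpath(path)  # collapse 'a/../b' before matching
    if posixpath.isabs(norm) or norm == ".." or norm.startswith("../"):
        return False  # resolves outside the project root
    if matches(norm, policy["deny"], any_depth=True):
        return False
    return matches(norm, policy[mode])

def command_allowed(command, policy=POLICY):
    """Default-deny: no shell metacharacters, executable on the allow list, no denied token run."""
    if re.search(r"[;&|`$<>\n]", command):
        return False
    try:
        argv = shlex.split(command)
    except ValueError:
        return False  # unbalanced quotes
    if not argv or argv[0] not in policy["commands"]["allow"]:
        return False
    for toks in (entry.split() for entry in policy["commands"]["deny"]):
        if any(argv[i:i + len(toks)] == toks for i in range(len(argv))):
            return False
    return True
```

Under these assumptions, src/keys/server.key stays blocked even though src/** is writable, and src/../.env is refused after normalization. Allowing npm or node by name still permits whatever scripts the project defines, so review the command rules together with the file rules.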

5. Create Custom Skills

Skills are reusable instructions that Codex can invoke. Instead of typing the same requests repeatedly, you define them once.

Create a skills directory:

Terminal window
mkdir -p ~/.codex/skills

Add a skill file:

~/.codex/skills/review.md
# Code Review Skill
When I ask for a code review:
1. Check for security issues first
2. Look for performance problems
3. Verify error handling
4. Check test coverage
5. Suggest improvements
Output format:
- **Critical**: Issues that need immediate fixes
- **Warning**: Problems that should be addressed
- **Suggestion**: Optional improvements

Use the skill in a session:

Terminal window
codex --skill review "Review src/api/users.js"

You can also chain skills:

Terminal window
codex --skill review,refactor,test "Improve the authentication module"

A Practical Workflow Example

Here’s how I use these features together on a typical task:

  1. Start with configuration - My CODEX.md explains the project
  2. Run in non-interactive mode - Quick tasks without entering chat
  3. Use exec for test-driven work - Let Codex run tests and fix code
  4. Apply sandbox limits - Protect sensitive files
  5. Call skills for repetitive tasks - Code reviews, refactoring, documentation

For example, adding a new API endpoint:

Terminal window
# Generate the endpoint with tests
codex --non-interactive --exec \
  "Add a DELETE /api/users/:id endpoint. Write tests first, implement to pass tests."
# Review the changes
codex --skill review "Review the new endpoint"
# Run the full test suite
codex --exec "Run all tests and fix any issues"

Common Mistakes to Avoid

I made these mistakes so you don’t have to:

Mistake 1: No configuration file

Without CODEX.md, Codex doesn’t know your project context. You’ll repeat yourself every session.

Mistake 2: Giving full system access

Never enable --exec without sandbox policies. Codex could accidentally delete files or commit sensitive data.

Mistake 3: Using the wrong temperature

Use a low temperature (0.1-0.3) for code generation and a high temperature (0.7-1.0) for brainstorming. Using the wrong one gives bad results.

Mistake 4: Ignoring non-interactive mode

Non-interactive mode is perfect for quick tasks. Don’t enter the chat interface for simple queries.

Summary

In this post, I shared how to use OpenAI Codex more efficiently after moving beyond basic chat usage. The key areas to master are:

  • Configuration files - CODEX.md for project context, config.json for global settings
  • CLI flags - Non-interactive mode, model selection, temperature control
  • Exec mode - Let Codex run commands and fix code automatically
  • Sandbox policies - Control what Codex can read, write, and execute
  • Custom skills - Reusable instructions for common tasks

These features turn Codex from a chat tool into a real development environment. Start with configuration, add sandbox policies for safety, then explore exec mode and skills as you get comfortable.

Final Words + More Resources

My intention with this article was to help others by sharing my knowledge and experience. If you want to contact me, you can reach me by email.

Here are also the most important links from this article along with some further resources that will help you in this scope:

Oh, and if you found these resources useful, don’t forget to support me by starring the repo on GitHub!
