Three-Tier Plugin Distribution in OpenAI Codex: Official, Team, and Personal Marketplaces

Mar 27, 2026

OpenAI Codex distributes plugins through three marketplace tiers. Each tier serves a different purpose. I use all three to manage plugins effectively.

The Three Tiers at a Glance

┌─────────────────────────────────────────────────────────────────┐
│                    OFFICIAL DIRECTORY                          │
│         (OpenAI-curated, quality guaranteed)                   │
│         Publishing not yet open for submissions                │
└─────────────────────────────────────────────────────────────────┘
                              │
                              ▼
┌─────────────────────────────────────────────────────────────────┐
│                    REPOSITORY-LEVEL                            │
│         marketplace.json in your repo                           │
│         Team clones → everyone gets same plugins               │
│         Policies: AVAILABLE / INSTALLED_BY_DEFAULT / NOT_AVAILABLE │
└─────────────────────────────────────────────────────────────────┘
                              │
                              ▼
┌─────────────────────────────────────────────────────────────────┐
│                    PERSONAL-LEVEL                               │
│         Stored in home directory (~/.codex/plugins)             │
│         Private workflows, individual productivity             │
└─────────────────────────────────────────────────────────────────┘

Tier 1: Official Directory

OpenAI curates the official plugin directory. Quality is guaranteed because OpenAI reviews every plugin.

The catch? Publishing is not yet open. I cannot submit my plugins there yet. But I watch this space. When it opens, early plugin creators will become first-movers.

Tier 2: Repository-Level Distribution

This is where my team lives. We commit a marketplace.json file to our repository. When someone clones the repo, they get the same plugins automatically.

Here is the structure:

{
  "plugins": [
    {
      "name": "company-code-review",
      "source": "./plugins/code-review",
      "policy": "INSTALLED_BY_DEFAULT"
    },
    {
      "name": "third-party-linter",
      "source": "official-directory/linter",
      "policy": "AVAILABLE"
    },
    {
      "name": "deprecated-tool",
      "source": "./plugins/old-tool",
      "policy": "NOT_AVAILABLE"
    }
  ]
}

Understanding Installation Policies

My team administrator controls which plugins we can use:

AVAILABLE: Users choose whether to install. Optional.
INSTALLED_BY_DEFAULT: Forced install. Everyone gets it. No opt-out.
NOT_AVAILABLE: Disabled. Users cannot install this plugin.

I set our code review plugin to INSTALLED_BY_DEFAULT because every team member must use it. The third-party linter is AVAILABLE — some developers use it, some do not. We set deprecated tools to NOT_AVAILABLE to prevent accidental use.

Tier 3: Personal-Level Distribution

I keep personal plugins in my home directory. These are my private workflows. They do not sync with the team.

Location: ~/.codex/plugins/

I use personal plugins for:

Custom code snippets I do not want to share
Experimental tools I am still testing
Productivity hacks specific to my workflow

Which Tier Should I Use?

I follow this simple rule:

Scenario	Tier	Why
Official quality tools	Official Directory	Trusted, reviewed by OpenAI
Team-shared capabilities	Repository-level	Everyone gets same setup
Individual productivity	Personal-level	Private, no sync needed

Practical Example: Setting Up Team Plugins

When I set up a new project, I create marketplace.json at the root:

{
  "plugins": [
    {
      "name": "our-ai-assistant",
      "source": "./plugins/ai-assistant",
      "policy": "INSTALLED_BY_DEFAULT"
    },
    {
      "name": "optional-formatter",
      "source": "official-directory/formatter",
      "policy": "AVAILABLE"
    }
  ]
}

My team clones the repo. The AI assistant installs automatically. The formatter is optional. Everyone starts with the same baseline.

Governance for Team Administrators

Team admins can enforce policies across the organization:

Force essential plugins: Set INSTALLED_BY_DEFAULT for security tools
Block risky plugins: Set NOT_AVAILABLE for deprecated or insecure tools
Allow flexibility: Set AVAILABLE for optional productivity tools

This governance model ensures consistency while preserving individual choice where appropriate.

Preparing for the Official Store

When OpenAI opens the official directory for submissions, I will be ready:

I package my best plugins properly
I document them clearly
I submit early

First-movers get visibility. I do not want to miss that opportunity.

Summary

Plan your plugin distribution strategy now:

Use repository-level for team-shared capabilities
Use personal-level for individual workflows
Prepare for the official store opening

Team admins can enforce policies to ensure consistency. Start with marketplace.json today.

Final Words + More Resources

My intention with this article was to help others share my knowledge and experience. If you want to contact me, you can contact by email: Email me

Here are also the most important links from this article along with some further resources that will help you in this scope:

👨‍💻 OpenAI Codex Documentation

Oh, and if you found these resources useful, don’t forget to support me by starring the repo on GitHub!