Control when Codex stops to ask
approvals & sandbox
// what it does
-a/--ask-for-approval sets when Codex pauses for you. untrusted asks before anything not known-safe; on-request (the repo default) works freely inside the sandbox and asks only to step outside it or use the network; never never prompts. Persist it with approval_policy in config.toml.
// shell
$ codex --ask-for-approval on-request "refactor and run the tests"$ codex -a untrusted "explore the repo and summarize it"// gotcha
never does not mean "do anything" — the sandbox still constrains it. For truly unfenced runs, pair -a never with --sandbox danger-full-access (or use --yolo), and understand the risk.