# codex - Doramagic AI Context Pack

> Purpose: pre-work context for the user's host AI. This pack does not prove that the project has been installed, run, or validated.

## Project

- canonical_name: `openai/codex`
- capability: Lightweight coding agent that runs in your terminal
- expected_user_outcome: Lightweight coding agent that runs in your terminal

## Operating Boundaries

- Do not claim that the project has been installed, run, called through an API, or used on local files unless separate evidence proves it.
- Project facts must come from repo evidence, Claim Graph, or explicit source references.
- When a capability is not verified, mark it as unverified instead of completing it as fact.
- publish_status: `publishable`
- blocking_gaps: none

---

## Doramagic Context Augmentation

The following sections strengthen the repository context for a host AI. Human Manual data is a reading route, and pitfall notes become operating constraints.

## Human Manual Outline

Usage rule: this is only a reading route and salience signal, not factual authority. Concrete claims must still return to repo evidence or Claim Graph.

Host AI hard rules:
- Do not treat page titles, section order, summaries, or importance values as factual project evidence.
- When explaining the Human Manual outline, state that it is only a reading route or salience signal.
- Capability, installation, compatibility, runtime state, and risk claims must cite repo evidence, source paths, or Claim Graph.

- **Codex Overview and Workspace Architecture**: importance `high`
  - source_paths: README.md, codex-rs/Cargo.toml, codex-rs/README.md, codex-rs/cli/src/main.rs, codex-rs/cli/src/lib.rs
- **Tools, Execution, and Sandboxing**: importance `high`
  - source_paths: codex-rs/core/src/tools/mod.rs, codex-rs/core/src/tools/registry.rs, codex-rs/core/src/tools/router.rs, codex-rs/core/src/tools/handlers/mod.rs, codex-rs/core/src/tools/handlers/shell.rs
- **Extensibility: Hooks, Skills, Plugins, and Plan Mode**: importance `high`
  - source_paths: codex-rs/hooks/src/lib.rs, codex-rs/hooks/src/engine/mod.rs, codex-rs/hooks/src/types.rs, codex-rs/hooks/src/declarations.rs, codex-rs/hooks/src/registry.rs
- **Remote Control, Multi-Agent Collaboration, and the App Server Protocol**: importance `high`
  - source_paths: codex-rs/app-server/src/lib.rs, codex-rs/app-server/src/main.rs, codex-rs/app-server/src/message_processor.rs, codex-rs/app-server/src/request_processors/remote_control_processor.rs, codex-rs/app-server-protocol/src/lib.rs

## Repo Inspection Evidence

- repo_clone_verified: true
- repo_inspection_verified: true
- repo_commit: `658af936fdd04cd2661e253b4fe78d769aef8534`
- inspected_files: `pnpm-lock.yaml`, `README.md`, `package.json`, `docs/authentication.md`, `docs/license.md`, `docs/agents_md.md`, `docs/sandbox.md`, `docs/open-source-fund.md`, `docs/install.md`, `docs/example-config.md`, `docs/execpolicy.md`, `docs/getting-started.md`, `docs/config.md`, `docs/skills.md`, `docs/CLA.md`, `docs/contributing.md`, `docs/exec.md`, `docs/slash_commands.md`

Host AI hard rules:
- Without repo_clone_verified=true, do not claim that the source code has been read.
- Without repo_inspection_verified=true, do not write README, docs, or package-file conclusions as facts.
- Without quick_start_verified=true, do not claim that the Quick Start path has run successfully.

## Doramagic Pitfall Constraints

These rules come from Doramagic discovery, validation, or compilation findings. The host AI must treat them as operating constraints, not background notes.

### Constraint 1: Configuration risk requires verification

- Trigger: Project evidence flags a configuration risk. Review the linked source before relying on this workflow.
- Host AI rule: Reproduce the official install and quickstart path in an isolated environment.
- Why it matters: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/openai/codex/issues/27134
- Hard boundary: Do not present this pitfall as solved, verified, or ignorable unless later evidence explicitly closes it.

### Constraint 2: Configuration risk requires verification

- Trigger: Project evidence flags a configuration risk. Review the linked source before relying on this workflow.
- Host AI rule: Reproduce the official install and quickstart path in an isolated environment.
- Why it matters: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/openai/codex/issues/27384
- Hard boundary: Do not present this pitfall as solved, verified, or ignorable unless later evidence explicitly closes it.

### Constraint 3: Installation risk requires verification

- Trigger: Developers should check this installation risk before relying on the project: Codex CLI plugin sync writes bundled plugin marketplace into active workspace
- Host AI rule: Before packaging this project, run the relevant install/config/quickstart check for: Codex CLI plugin sync writes bundled plugin marketplace into active workspace. Context: Observed when using node, docker, windows, linux
- Why it matters: Developers may fail before the first successful local run: Codex CLI plugin sync writes bundled plugin marketplace into active workspace
- Evidence: failure_mode_cluster:github_issue | https://github.com/openai/codex/issues/27416
- Hard boundary: Do not present this pitfall as solved, verified, or ignorable unless later evidence explicitly closes it.

### Constraint 4: Installation risk requires verification

- Trigger: Project evidence flags a installation risk. Review the linked source before relying on this workflow.
- Host AI rule: Reproduce the official install and quickstart path in an isolated environment.
- Why it matters: May increase setup, validation, or first-run risk for the user.
- Evidence: community_evidence:github | https://github.com/openai/codex/issues/27416
- Hard boundary: Do not present this pitfall as solved, verified, or ignorable unless later evidence explicitly closes it.

### Constraint 5: Configuration risk requires verification

- Trigger: Project evidence flags a configuration risk. Review the linked source before relying on this workflow.
- Host AI rule: Reproduce the official install and quickstart path in an isolated environment.
- Why it matters: May increase setup, validation, or first-run risk for the user.
- Evidence: capability.host_targets | github_repo:965415649 | https://github.com/openai/codex
- Hard boundary: Do not present this pitfall as solved, verified, or ignorable unless later evidence explicitly closes it.

### Constraint 6: Configuration risk requires verification

- Trigger: Developers should check this configuration risk before relying on the project: 0.138.0
- Host AI rule: Before packaging this project, run the relevant install/config/quickstart check for: 0.138.0. Context: Observed when using python, windows, macos, linux
- Why it matters: Upgrade or migration may change expected behavior: 0.138.0
- Evidence: failure_mode_cluster:github_release | https://github.com/openai/codex/releases/tag/rust-v0.138.0
- Hard boundary: Do not present this pitfall as solved, verified, or ignorable unless later evidence explicitly closes it.

### Constraint 7: Configuration risk requires verification

- Trigger: Developers should check this configuration risk before relying on the project: 0.139.0
- Host AI rule: Before packaging this project, run the relevant install/config/quickstart check for: 0.139.0. Context: Source discussion did not expose a precise runtime context.
- Why it matters: Upgrade or migration may change expected behavior: 0.139.0
- Evidence: failure_mode_cluster:github_release | https://github.com/openai/codex/releases/tag/rust-v0.139.0
- Hard boundary: Do not present this pitfall as solved, verified, or ignorable unless later evidence explicitly closes it.

### Constraint 8: Capability evidence risk requires verification

- Trigger: README/documentation is current enough for a first validation pass.
- Host AI rule: Reproduce the official install and quickstart path in an isolated environment.
- Why it matters: May increase setup, validation, or first-run risk for the user.
- Evidence: capability.assumptions | github_repo:965415649 | https://github.com/openai/codex
- Hard boundary: Do not present this pitfall as solved, verified, or ignorable unless later evidence explicitly closes it.

### Constraint 9: Maintenance risk requires verification

- Trigger: Developers should check this migration risk before relying on the project: Unethical business practice
- Host AI rule: Before packaging this project, run the relevant install/config/quickstart check for: Unethical business practice. Context: Observed during version upgrade or migration.
- Why it matters: Developers may hit a documented source-backed failure mode: Unethical business practice
- Evidence: failure_mode_cluster:github_issue | https://github.com/openai/codex/issues/27384
- Hard boundary: Do not present this pitfall as solved, verified, or ignorable unless later evidence explicitly closes it.

### Constraint 10: Maintenance risk requires verification

- Trigger: Project evidence flags a maintenance risk. Review the linked source before relying on this workflow.
- Host AI rule: Reproduce the official install and quickstart path in an isolated environment.
- Why it matters: May increase setup, validation, or first-run risk for the user.
- Evidence: evidence.maintainer_signals | github_repo:965415649 | https://github.com/openai/codex
- Hard boundary: Do not present this pitfall as solved, verified, or ignorable unless later evidence explicitly closes it.
