codex-mcp-server
mcp
Basarisiz
Health Uyari
- No license — Repository has no license file
- Description — Repository has a description
- Active repo — Last push 0 days ago
- Community trust — 394 GitHub stars
Code Basarisiz
- rm -rf — Recursive force deletion command in package.json
- process.env — Environment variable access in src/__tests__/context-building.test.ts
- process.env — Environment variable access in src/__tests__/default-model.test.ts
Permissions Gecti
- Permissions — No dangerous permissions requested
Purpose
This tool acts as a bridge, allowing AI assistants like Claude to interact directly with OpenAI's Codex CLI. It provides features such as AI-powered code generation, code review, and web search capabilities within your editor.
Security Assessment
The overall security risk is Medium. The tool requires an OpenAI API key to function, which it accesses via standard environment variables (safe for your local system, but requires secure handling). Because it acts as a wrapper for the Codex CLI, it inherently executes shell commands and makes external network requests to the OpenAI API. No hardcoded secrets were detected. However, the codebase contains a `rm -rf` recursive force deletion command inside its `package.json` file. While this might be intended for build cleanup, it is a potentially dangerous operation that warrants caution.
Quality Assessment
The project is actively maintained, with its most recent updates pushed today. It has garnered a solid amount of community trust, reflected in nearly 400 GitHub stars. The main drawback is the complete lack of a license file in the repository. While the npm package may inherit a default license, the absence of an explicit license in the source code leaves its legal permissions ambiguous and makes it unsuitable for strict commercial environments.
Verdict
Use with caution — the tool is active and highly functional, but you should verify the intent behind the `rm -rf` command and be aware of the licensing omission before integrating it.
This tool acts as a bridge, allowing AI assistants like Claude to interact directly with OpenAI's Codex CLI. It provides features such as AI-powered code generation, code review, and web search capabilities within your editor.
Security Assessment
The overall security risk is Medium. The tool requires an OpenAI API key to function, which it accesses via standard environment variables (safe for your local system, but requires secure handling). Because it acts as a wrapper for the Codex CLI, it inherently executes shell commands and makes external network requests to the OpenAI API. No hardcoded secrets were detected. However, the codebase contains a `rm -rf` recursive force deletion command inside its `package.json` file. While this might be intended for build cleanup, it is a potentially dangerous operation that warrants caution.
Quality Assessment
The project is actively maintained, with its most recent updates pushed today. It has garnered a solid amount of community trust, reflected in nearly 400 GitHub stars. The main drawback is the complete lack of a license file in the repository. While the npm package may inherit a default license, the absence of an explicit license in the source code leaves its legal permissions ambiguous and makes it unsuitable for strict commercial environments.
Verdict
Use with caution — the tool is active and highly functional, but you should verify the intent behind the `rm -rf` command and be aware of the licensing omission before integrating it.
MCP server wrapper for OpenAI Codex CLI that enables Claude Code to leverage Codex's AI capabilities directly.
README.md
Codex MCP Server
Bridge between Claude and OpenAI's Codex CLI — get AI-powered code analysis, generation, and review right in your editor.
graph LR
A[Claude Code] --> B[Codex MCP Server]
B --> C[Codex CLI]
C --> D[OpenAI API]
style A fill:#FF6B35
style B fill:#4A90E2
style C fill:#00D4AA
style D fill:#FFA500
Quick Start
1. Install Codex CLI
npm i -g @openai/codex
codex login --api-key "your-openai-api-key"
2. Add to Claude Code
claude mcp add codex-cli -- npx -y codex-mcp-server
3. Start Using
Ask codex to explain this function
Use codex to refactor this code for better performance
Use review to check my uncommitted changes
One-Click Install
Tools
| Tool | Description |
|---|---|
codex |
AI coding assistant with session support, model selection, and structured output metadata |
review |
AI-powered code review for uncommitted changes, branches, or commits |
websearch |
Web search using Codex CLI with customizable result count and search depth |
listSessions |
View active conversation sessions |
ping |
Test server connection |
help |
Get Codex CLI help |
Examples
Code analysis:
Use codex to analyze this authentication logic for security issues
Multi-turn conversations:
Use codex with sessionId "refactor" to analyze this module
Use codex with sessionId "refactor" to implement your suggestions
Passing a sessionId creates the session on first use, so listSessions will show
it (for this server instance) and subsequent calls can resume context.
Code review:
Use review with base "main" to check my PR changes
Use review with uncommitted true to review my local changes
Advanced options:
Use codex with model "o3" and reasoningEffort "high" for complex analysis
Use codex with fullAuto true and sandbox "workspace-write" for automated tasks
Use codex with callbackUri "http://localhost:1234/callback" for static callbacks
Use codex to return structuredContent with threadId metadata when available
Web search:
Use websearch with query "TypeScript 5.8 new features"
Use websearch with query "Rust vs Go performance 2025" and numResults 15
Use websearch with query "React Server Components" and searchDepth "full"
Requirements
- Codex CLI v0.75.0+ — Install with
npm i -g @openai/codexorbrew install codex - OpenAI API key — Run
codex login --api-key "your-key"to authenticate
Codex 0.87 Compatibility
- Thread ID + structured output: When Codex CLI emits
threadId, this server returns it in content metadata andstructuredContent, and advertises anoutputSchemafor structured responses.
Documentation
- API Reference — Full tool parameters and response formats
- Session Management — How conversations work
- Codex CLI Integration — Version compatibility and CLI details
Environment Variables
CODEX_MCP_CALLBACK_URI: Static MCP callback URI passed to Codex when set (overridden bycallbackUritool arg)
Development
npm install # Install dependencies
npm run dev # Development mode
npm run build # Build for production
npm test # Run tests
Related Projects
- gemini-mcp-server — MCP server for Gemini CLI with 1M+ token context, web search, and media analysis
License
ISC
Yorumlar (0)
Yorum birakmak icin giris yap.
Yorum birakSonuc bulunamadi