Introduction and Control Model

As you work more with Agentic AI (such as Codex), you might find you want different configurations than what we advise here. Configuration options also evolve rapidly, so be sure to check out the Codex configuration documentation links below to ensure you have up-to-date information.

• Config basics

• Configuration reference

• Rules

• Subagents

• Subagent concepts

Things You Cannot Control

Warning

You cannot yet prevent Codex from reading files/directories.

The Codex docs claim this is configurable, but as of April 2026 we have found that it can read most anything on your computer regardless of your configuration.

How to Control Codex Behavior

You control Codex through various layers:

1. config.toml: hard runtime controls (sandbox, approvals, networking, model, etc.).

2. rules/myrules.rules: restrict which commands your agent can run.

3. AGENTS.md: always-on project instructions in natural language.

4. SKILL.md: task-specific natural language instructions loaded only when relevant.

5. agents/*.toml: optional custom subagent configurations for specialized parallel work.

6. Your prompts when chatting.

Use config.toml and rules for enforceable boundaries when possible. Use AGENTS.md and SKILL.md for behavior and style guidance.