无人值守 · exec、SDK、CI 与定时任务Unattended · exec, the SDK, CI, and Scheduled Tasks.
到这里,派活还都要你亲手发一句话。这一章把那句话也自动化:codex exec 让它在脚本里无人值守地跑一次,JSONL 事件流和 JSON Schema 约束的结构化输出让脚本能直接消费结果;SDK 把同一台引擎装进你的 TypeScript 或 Python 程序;openai/codex-action 让它长在 GitHub CI 里;定时任务让它按日程自己开工。无人时的规矩也在这一章:exec 默认只读、越界即停,hooks 在生命周期的固定时点执行你的脚本 —— 且每条 hook 都要你审过、按哈希信任过才许跑。Until now, every dispatch still needed you to type the sentence. This chapter automates the sentence itself: codex exec runs once, unattended, inside a script, with a JSONL event stream and JSON-Schema-constrained structured output that scripts consume directly; the SDK builds the same engine into your TypeScript or Python programs; openai/codex-action grows it into GitHub CI; scheduled tasks put it on a calendar. The unattended rules live here too: exec defaults to read-only and stops at the boundary, and hooks run your scripts at fixed lifecycle moments — each one reviewed and hash-trusted by you before it may run.
10 分钟 · 初稿 2026.0710 Min · Drafted 2026.07
到这里,派活还都要你亲手发一句话 —— 打开一个面、说清一件活、看它跑。这一章把那句话也自动化:让 Codex 在脚本里无人值守地跑一次,长进你自己的程序,守在每个 PR 上,按日程半夜上班。这是「不守着做完」的极限形态:活不在你这台机器、不在你醒着的时候完成。也因此,这一章的另一半讲规矩 —— 它跑得越自动,边界越要在出发前写死。Until now, every dispatch still needed you to type the sentence — open a front, state a job, watch it run. This chapter automates the sentence itself: run Codex once unattended in a script, grow it into your own programs, post it on every PR, put it on the night shift. This is the furthest form of 'finished without watching': work off your machine, outside your waking hours. Which is why the other half of this chapter is rules — the more automatically it runs, the more the boundaries must be written down before it departs.
— I
codex exec:让那句话进脚本codex exec: Put the Sentence Into a Script.
把交互会话变成一条 Unix 命令,靠的是 codex exec:跑完就退,进度走 stderr、最终消息走 stdout,天然能接进管道。1注 1Note 1OpenAI Codex 文档 · Non-interactive mode —— codex exec 从脚本里跑 Codex,不开交互界面;进度走 stderr,最终消息走 stdout,便于管道。默认只读沙箱,要改文件加 --sandbox workspace-write。--json 让 stdout 变 JSONL 事件流(thread.started / turn.completed / item.* 等);--output-schema schema.json 让最终响应符合 JSON Schema,-o 写最终消息到文件。可 codex exec resume --last 续跑。要求在 Git 仓库里跑(--skip-git-repo-check 可绕过);CODEX_API_KEY 仅 exec 支持。截至 2026-07-17。OpenAI Codex Docs · Non-interactive mode — codex exec runs Codex from scripts without the interactive UI; progress goes to stderr, the final message to stdout for piping. Read-only sandbox by default; to edit files add --sandbox workspace-write. --json turns stdout into a JSONL event stream (thread.started / turn.completed / item.* etc.); --output-schema schema.json makes the final response conform to a JSON Schema, and -o writes the final message to a file. codex exec resume --last continues a prior run. It requires a Git repo (--skip-git-repo-check bypasses); CODEX_API_KEY is only supported in exec. As of 2026-07-17.它把 Codex 从「一个你打开的应用」变成「一个脚本里的工序」:Turning the interactive session into a Unix command is what codex exec does: it runs and exits, progress to stderr, the final message to stdout, naturally piping.1注 1Note 1OpenAI Codex 文档 · Non-interactive mode —— codex exec 从脚本里跑 Codex,不开交互界面;进度走 stderr,最终消息走 stdout,便于管道。默认只读沙箱,要改文件加 --sandbox workspace-write。--json 让 stdout 变 JSONL 事件流(thread.started / turn.completed / item.* 等);--output-schema schema.json 让最终响应符合 JSON Schema,-o 写最终消息到文件。可 codex exec resume --last 续跑。要求在 Git 仓库里跑(--skip-git-repo-check 可绕过);CODEX_API_KEY 仅 exec 支持。截至 2026-07-17。OpenAI Codex Docs · Non-interactive mode — codex exec runs Codex from scripts without the interactive UI; progress goes to stderr, the final message to stdout for piping. Read-only sandbox by default; to edit files add --sandbox workspace-write. --json turns stdout into a JSONL event stream (thread.started / turn.completed / item.* etc.); --output-schema schema.json makes the final response conform to a JSON Schema, and -o writes the final message to a file. codex exec resume --last continues a prior run. It requires a Git repo (--skip-git-repo-check bypasses); CODEX_API_KEY is only supported in exec. As of 2026-07-17. It turns Codex from an app you open into a step in a script:
灌上下文、要结构化结果;默认只读,要改文件才放开Feed context, get structured results; read-only by default, loosen to edit
三个细节是无人化的关键。--json 让 stdout 变成 JSONL 事件流,脚本能逐条读它干了什么;--output-schema 更进一步,让最终响应符合你给的 JSON Schema,脚本直接消费结构化字段、不用解析散文。1注 1Note 1OpenAI Codex 文档 · Non-interactive mode —— codex exec 从脚本里跑 Codex,不开交互界面;进度走 stderr,最终消息走 stdout,便于管道。默认只读沙箱,要改文件加 --sandbox workspace-write。--json 让 stdout 变 JSONL 事件流(thread.started / turn.completed / item.* 等);--output-schema schema.json 让最终响应符合 JSON Schema,-o 写最终消息到文件。可 codex exec resume --last 续跑。要求在 Git 仓库里跑(--skip-git-repo-check 可绕过);CODEX_API_KEY 仅 exec 支持。截至 2026-07-17。OpenAI Codex Docs · Non-interactive mode — codex exec runs Codex from scripts without the interactive UI; progress goes to stderr, the final message to stdout for piping. Read-only sandbox by default; to edit files add --sandbox workspace-write. --json turns stdout into a JSONL event stream (thread.started / turn.completed / item.* etc.); --output-schema schema.json makes the final response conform to a JSON Schema, and -o writes the final message to a file. codex exec resume --last continues a prior run. It requires a Git repo (--skip-git-repo-check bypasses); CODEX_API_KEY is only supported in exec. As of 2026-07-17.还有一条安全默认:exec 默认是只读沙箱 —— 要它改文件,必须显式 --sandbox workspace-write。1注 1Note 1OpenAI Codex 文档 · Non-interactive mode —— codex exec 从脚本里跑 Codex,不开交互界面;进度走 stderr,最终消息走 stdout,便于管道。默认只读沙箱,要改文件加 --sandbox workspace-write。--json 让 stdout 变 JSONL 事件流(thread.started / turn.completed / item.* 等);--output-schema schema.json 让最终响应符合 JSON Schema,-o 写最终消息到文件。可 codex exec resume --last 续跑。要求在 Git 仓库里跑(--skip-git-repo-check 可绕过);CODEX_API_KEY 仅 exec 支持。截至 2026-07-17。OpenAI Codex Docs · Non-interactive mode — codex exec runs Codex from scripts without the interactive UI; progress goes to stderr, the final message to stdout for piping. Read-only sandbox by default; to edit files add --sandbox workspace-write. --json turns stdout into a JSONL event stream (thread.started / turn.completed / item.* etc.); --output-schema schema.json makes the final response conform to a JSON Schema, and -o writes the final message to a file. codex exec resume --last continues a prior run. It requires a Git repo (--skip-git-repo-check bypasses); CODEX_API_KEY is only supported in exec. As of 2026-07-17.第 9 章说的「回归集用 codex exec 重跑、拿 JSON 对一对」,零件就是这几个 flag。它还要求在 Git 仓库里跑,防止无人时的破坏性改动无从回滚。1注 1Note 1OpenAI Codex 文档 · Non-interactive mode —— codex exec 从脚本里跑 Codex,不开交互界面;进度走 stderr,最终消息走 stdout,便于管道。默认只读沙箱,要改文件加 --sandbox workspace-write。--json 让 stdout 变 JSONL 事件流(thread.started / turn.completed / item.* 等);--output-schema schema.json 让最终响应符合 JSON Schema,-o 写最终消息到文件。可 codex exec resume --last 续跑。要求在 Git 仓库里跑(--skip-git-repo-check 可绕过);CODEX_API_KEY 仅 exec 支持。截至 2026-07-17。OpenAI Codex Docs · Non-interactive mode — codex exec runs Codex from scripts without the interactive UI; progress goes to stderr, the final message to stdout for piping. Read-only sandbox by default; to edit files add --sandbox workspace-write. --json turns stdout into a JSONL event stream (thread.started / turn.completed / item.* etc.); --output-schema schema.json makes the final response conform to a JSON Schema, and -o writes the final message to a file. codex exec resume --last continues a prior run. It requires a Git repo (--skip-git-repo-check bypasses); CODEX_API_KEY is only supported in exec. As of 2026-07-17.Three details are key to going unattended. --json turns stdout into a JSONL event stream so scripts read what it did step by step; --output-schema goes further, making the final response conform to your JSON Schema so scripts consume structured fields instead of parsing prose.1注 1Note 1OpenAI Codex 文档 · Non-interactive mode —— codex exec 从脚本里跑 Codex,不开交互界面;进度走 stderr,最终消息走 stdout,便于管道。默认只读沙箱,要改文件加 --sandbox workspace-write。--json 让 stdout 变 JSONL 事件流(thread.started / turn.completed / item.* 等);--output-schema schema.json 让最终响应符合 JSON Schema,-o 写最终消息到文件。可 codex exec resume --last 续跑。要求在 Git 仓库里跑(--skip-git-repo-check 可绕过);CODEX_API_KEY 仅 exec 支持。截至 2026-07-17。OpenAI Codex Docs · Non-interactive mode — codex exec runs Codex from scripts without the interactive UI; progress goes to stderr, the final message to stdout for piping. Read-only sandbox by default; to edit files add --sandbox workspace-write. --json turns stdout into a JSONL event stream (thread.started / turn.completed / item.* etc.); --output-schema schema.json makes the final response conform to a JSON Schema, and -o writes the final message to a file. codex exec resume --last continues a prior run. It requires a Git repo (--skip-git-repo-check bypasses); CODEX_API_KEY is only supported in exec. As of 2026-07-17. And a safety default: exec is read-only by default — to edit files you must explicitly pass --sandbox workspace-write.1注 1Note 1OpenAI Codex 文档 · Non-interactive mode —— codex exec 从脚本里跑 Codex,不开交互界面;进度走 stderr,最终消息走 stdout,便于管道。默认只读沙箱,要改文件加 --sandbox workspace-write。--json 让 stdout 变 JSONL 事件流(thread.started / turn.completed / item.* 等);--output-schema schema.json 让最终响应符合 JSON Schema,-o 写最终消息到文件。可 codex exec resume --last 续跑。要求在 Git 仓库里跑(--skip-git-repo-check 可绕过);CODEX_API_KEY 仅 exec 支持。截至 2026-07-17。OpenAI Codex Docs · Non-interactive mode — codex exec runs Codex from scripts without the interactive UI; progress goes to stderr, the final message to stdout for piping. Read-only sandbox by default; to edit files add --sandbox workspace-write. --json turns stdout into a JSONL event stream (thread.started / turn.completed / item.* etc.); --output-schema schema.json makes the final response conform to a JSON Schema, and -o writes the final message to a file. codex exec resume --last continues a prior run. It requires a Git repo (--skip-git-repo-check bypasses); CODEX_API_KEY is only supported in exec. As of 2026-07-17. Chapter 9's 'rerun the regression set with codex exec and diff the JSON' is built from exactly these flags. It also requires a Git repo, so unattended destructive changes are never beyond rollback.1注 1Note 1OpenAI Codex 文档 · Non-interactive mode —— codex exec 从脚本里跑 Codex,不开交互界面;进度走 stderr,最终消息走 stdout,便于管道。默认只读沙箱,要改文件加 --sandbox workspace-write。--json 让 stdout 变 JSONL 事件流(thread.started / turn.completed / item.* 等);--output-schema schema.json 让最终响应符合 JSON Schema,-o 写最终消息到文件。可 codex exec resume --last 续跑。要求在 Git 仓库里跑(--skip-git-repo-check 可绕过);CODEX_API_KEY 仅 exec 支持。截至 2026-07-17。OpenAI Codex Docs · Non-interactive mode — codex exec runs Codex from scripts without the interactive UI; progress goes to stderr, the final message to stdout for piping. Read-only sandbox by default; to edit files add --sandbox workspace-write. --json turns stdout into a JSONL event stream (thread.started / turn.completed / item.* etc.); --output-schema schema.json makes the final response conform to a JSON Schema, and -o writes the final message to a file. codex exec resume --last continues a prior run. It requires a Git repo (--skip-git-repo-check bypasses); CODEX_API_KEY is only supported in exec. As of 2026-07-17.
— II
SDK:同一台引擎,做成库The SDK: The Same Engine, as a Library.
脚本再长,也只是把命令串起来;要把 Codex 嵌进你自己的服务 —— 一个自动分诊 bug 的机器人、一个替客服读日志的后台 —— 用 Codex SDK 编程控制它。2注 2Note 2OpenAI Codex 文档 · Codex SDK —— 用 SDK 编程控制 Codex(嵌进 CI/CD、自建 agent、自家工具)。TypeScript:npm install @openai/codex-sdk,new Codex().startThread(),thread.run(prompt) 拿 result.finalResponse,resumeThread(id) 续跑。Python(beta):pip install openai-codex,Codex() / AsyncCodex() 经 app-server 控制,thread_start(model, sandbox) + run;Sandbox 预设 read_only / workspace_write / full_access 可按轮切。截至 2026-07-17。OpenAI Codex Docs · Codex SDK — control Codex programmatically (embed in CI/CD, build your own agent, internal tools). TypeScript: npm install @openai/codex-sdk, new Codex().startThread(), thread.run(prompt) returns result.finalResponse, resumeThread(id) continues. Python (beta): pip install openai-codex, Codex() / AsyncCodex() controlling it over the app-server, thread_start(model, sandbox) + run; Sandbox presets read_only / workspace_write / full_access switchable per turn. As of 2026-07-17.TypeScript 装 @openai/codex-sdk,一个 startThread() 就是一个带全套工具的对话,run(prompt) 拿结果、resumeThread(id) 续跑:However long a script, it's still commands in a row; to embed Codex into your own service — a bot that triages bugs, a backend that reads logs for support — control it programmatically with the Codex SDK.2注 2Note 2OpenAI Codex 文档 · Codex SDK —— 用 SDK 编程控制 Codex(嵌进 CI/CD、自建 agent、自家工具)。TypeScript:npm install @openai/codex-sdk,new Codex().startThread(),thread.run(prompt) 拿 result.finalResponse,resumeThread(id) 续跑。Python(beta):pip install openai-codex,Codex() / AsyncCodex() 经 app-server 控制,thread_start(model, sandbox) + run;Sandbox 预设 read_only / workspace_write / full_access 可按轮切。截至 2026-07-17。OpenAI Codex Docs · Codex SDK — control Codex programmatically (embed in CI/CD, build your own agent, internal tools). TypeScript: npm install @openai/codex-sdk, new Codex().startThread(), thread.run(prompt) returns result.finalResponse, resumeThread(id) continues. Python (beta): pip install openai-codex, Codex() / AsyncCodex() controlling it over the app-server, thread_start(model, sandbox) + run; Sandbox presets read_only / workspace_write / full_access switchable per turn. As of 2026-07-17. TypeScript installs @openai/codex-sdk: one startThread() is a fully-tooled conversation, run(prompt) takes the result, resumeThread(id) continues:
triage.ts
import { Codex } from "@openai/codex-sdk";const codex = new Codex();const thread = codex.startThread();const result = await thread.run("诊断并修好 CI 里失败的用例,做一个计划");console.log(result.finalResponse);
一个最小的 SDK 线程;Python 有对应的 openai-codex(beta)A minimal SDK thread; Python has the matching openai-codex (beta)
Python(beta)装 openai-codex,Codex() 或 AsyncCodex() 经 app-server 控制,还能按轮切 Sandbox 预设(read_only / workspace_write / full_access)—— 让「先改、再只读复审」这种两步走在代码里表达出来。2注 2Note 2OpenAI Codex 文档 · Codex SDK —— 用 SDK 编程控制 Codex(嵌进 CI/CD、自建 agent、自家工具)。TypeScript:npm install @openai/codex-sdk,new Codex().startThread(),thread.run(prompt) 拿 result.finalResponse,resumeThread(id) 续跑。Python(beta):pip install openai-codex,Codex() / AsyncCodex() 经 app-server 控制,thread_start(model, sandbox) + run;Sandbox 预设 read_only / workspace_write / full_access 可按轮切。截至 2026-07-17。OpenAI Codex Docs · Codex SDK — control Codex programmatically (embed in CI/CD, build your own agent, internal tools). TypeScript: npm install @openai/codex-sdk, new Codex().startThread(), thread.run(prompt) returns result.finalResponse, resumeThread(id) continues. Python (beta): pip install openai-codex, Codex() / AsyncCodex() controlling it over the app-server, thread_start(model, sandbox) + run; Sandbox presets read_only / workspace_write / full_access switchable per turn. As of 2026-07-17.CLI 和 SDK 怎么分工很清楚:交互开发、一次性活用 CLI;要嵌进 CI/CD、定制应用、生产自动化,用 SDK。这本书讲到这条线为止 —— 再往里,是《Agent 实战》整本书的地界。Python (beta) installs openai-codex; Codex() or AsyncCodex() control it over the app-server, and you can switch Sandbox presets per turn (read_only / workspace_write / full_access) — so a two-step 'edit, then review read-only' is expressible in code.2注 2Note 2OpenAI Codex 文档 · Codex SDK —— 用 SDK 编程控制 Codex(嵌进 CI/CD、自建 agent、自家工具)。TypeScript:npm install @openai/codex-sdk,new Codex().startThread(),thread.run(prompt) 拿 result.finalResponse,resumeThread(id) 续跑。Python(beta):pip install openai-codex,Codex() / AsyncCodex() 经 app-server 控制,thread_start(model, sandbox) + run;Sandbox 预设 read_only / workspace_write / full_access 可按轮切。截至 2026-07-17。OpenAI Codex Docs · Codex SDK — control Codex programmatically (embed in CI/CD, build your own agent, internal tools). TypeScript: npm install @openai/codex-sdk, new Codex().startThread(), thread.run(prompt) returns result.finalResponse, resumeThread(id) continues. Python (beta): pip install openai-codex, Codex() / AsyncCodex() controlling it over the app-server, thread_start(model, sandbox) + run; Sandbox presets read_only / workspace_write / full_access switchable per turn. As of 2026-07-17. How the CLI and SDK divide is clear: interactive development and one-offs use the CLI; embedding into CI/CD, custom applications, and production automation uses the SDK. This book stops at that line — past it lies the whole territory of Agent in Practice.
— III
长在 CI 和日程里Grown Into CI and the Calendar.
第三种形态不属于任何一台机器。GitHub Action(openai/codex-action@v1)在 CI 里跑 Codex:它装好 CLI、为你的 OpenAI key 起一个 Responses API 代理、跑 codex exec;输入里有 prompt、model、sandbox、output-file,最终消息作输出给后续步骤。3注 3Note 3OpenAI Codex 文档 · Codex GitHub Action —— openai/codex-action@v1 在 GitHub Actions 里跑 Codex:安装 CLI、为 OpenAI key 起一个 Responses API 代理、跑 codex exec。输入含 prompt / prompt-file、codex-args、model / effort、sandbox、output-file,final-message 作输出。默认 safety-strategy: drop-sudo(跑前移除 sudo,保护内存里的 secrets);安全清单提醒:清洗来自 PR / commit / issue 的 prompt 输入以防注入。截至 2026-07-17。OpenAI Codex Docs · Codex GitHub Action — openai/codex-action@v1 runs Codex in GitHub Actions: it installs the CLI, starts a Responses API proxy for the OpenAI key, and runs codex exec. Inputs include prompt / prompt-file, codex-args, model / effort, sandbox, output-file, with final-message as an output. Default safety-strategy: drop-sudo (removes sudo before running, protecting secrets in memory); the security checklist warns to sanitize prompt inputs from PRs / commits / issues against injection. As of 2026-07-17.默认的 safety-strategy: drop-sudo 在跑前移除 sudo、保护内存里的 secrets,安全清单还专门提醒:来自 PR、commit、issue 的 prompt 输入要先清洗,防注入。3注 3Note 3OpenAI Codex 文档 · Codex GitHub Action —— openai/codex-action@v1 在 GitHub Actions 里跑 Codex:安装 CLI、为 OpenAI key 起一个 Responses API 代理、跑 codex exec。输入含 prompt / prompt-file、codex-args、model / effort、sandbox、output-file,final-message 作输出。默认 safety-strategy: drop-sudo(跑前移除 sudo,保护内存里的 secrets);安全清单提醒:清洗来自 PR / commit / issue 的 prompt 输入以防注入。截至 2026-07-17。OpenAI Codex Docs · Codex GitHub Action — openai/codex-action@v1 runs Codex in GitHub Actions: it installs the CLI, starts a Responses API proxy for the OpenAI key, and runs codex exec. Inputs include prompt / prompt-file, codex-args, model / effort, sandbox, output-file, with final-message as an output. Default safety-strategy: drop-sudo (removes sudo before running, protecting secrets in memory); the security checklist warns to sanitize prompt inputs from PRs / commits / issues against injection. As of 2026-07-17.The third form belongs to no machine of yours. A GitHub Action (openai/codex-action@v1) runs Codex in CI: it installs the CLI, starts a Responses API proxy for your OpenAI key, and runs codex exec; its inputs include the prompt, model, sandbox, and output-file, with the final message as an output for later steps.3注 3Note 3OpenAI Codex 文档 · Codex GitHub Action —— openai/codex-action@v1 在 GitHub Actions 里跑 Codex:安装 CLI、为 OpenAI key 起一个 Responses API 代理、跑 codex exec。输入含 prompt / prompt-file、codex-args、model / effort、sandbox、output-file,final-message 作输出。默认 safety-strategy: drop-sudo(跑前移除 sudo,保护内存里的 secrets);安全清单提醒:清洗来自 PR / commit / issue 的 prompt 输入以防注入。截至 2026-07-17。OpenAI Codex Docs · Codex GitHub Action — openai/codex-action@v1 runs Codex in GitHub Actions: it installs the CLI, starts a Responses API proxy for the OpenAI key, and runs codex exec. Inputs include prompt / prompt-file, codex-args, model / effort, sandbox, output-file, with final-message as an output. Default safety-strategy: drop-sudo (removes sudo before running, protecting secrets in memory); the security checklist warns to sanitize prompt inputs from PRs / commits / issues against injection. As of 2026-07-17. The default safety-strategy: drop-sudo removes sudo before running to protect secrets in memory, and the security checklist warns specifically: prompt inputs from PRs, commits, and issues must be sanitized first against injection.3注 3Note 3OpenAI Codex 文档 · Codex GitHub Action —— openai/codex-action@v1 在 GitHub Actions 里跑 Codex:安装 CLI、为 OpenAI key 起一个 Responses API 代理、跑 codex exec。输入含 prompt / prompt-file、codex-args、model / effort、sandbox、output-file,final-message 作输出。默认 safety-strategy: drop-sudo(跑前移除 sudo,保护内存里的 secrets);安全清单提醒:清洗来自 PR / commit / issue 的 prompt 输入以防注入。截至 2026-07-17。OpenAI Codex Docs · Codex GitHub Action — openai/codex-action@v1 runs Codex in GitHub Actions: it installs the CLI, starts a Responses API proxy for the OpenAI key, and runs codex exec. Inputs include prompt / prompt-file, codex-args, model / effort, sandbox, output-file, with final-message as an output. Default safety-strategy: drop-sudo (removes sudo before running, protecting secrets in memory); the security checklist warns to sanitize prompt inputs from PRs / commits / issues against injection. As of 2026-07-17.定时的活交给定时任务:在 ChatGPT 桌面应用或网页里建、在后台按日程跑(CLI / IDE 不提供管理界面,但能先把 prompt 试好)。4注 4Note 4OpenAI Codex 文档 · Scheduled tasks —— 在后台按日程跑任务;在 ChatGPT 桌面应用与网页的 Work / Codex 里创建管理(CLI / IDE 不提供管理界面,但能先准备测试 prompt)。standalone(每次新对话跑,支持 RRULE 自定义节奏)vs in-chat(回到同一对话、用它已有上下文,支持分钟级循环)。可跑在本地项目或 worktree。无人值守,用你的默认沙箱;组织策略允许时用 approval_policy = never。截至 2026-07-17。OpenAI Codex Docs · Scheduled tasks — run tasks on a schedule in the background; create and manage them in Work / Codex in the ChatGPT desktop app and web (the CLI / IDE don't provide the management UI but can prepare and test a prompt first). Standalone (each run starts a new chat, RRULE custom cadence) vs in-chat (returns to the same chat with its existing context, minute-level loops). Can run in a local project or a worktree. Unattended, using your default sandbox; approval_policy = never when org policy allows. As of 2026-07-17.两种形态:standalone 每次开一个新对话、支持 RRULE 自定义节奏,适合独立的定期巡检;in-chat 回到同一对话、带着它已有的上下文,适合盯一件长活。可以跑在本地项目或 worktree,无人值守时用你的默认沙箱 —— 组织策略允许的话,用 approval_policy = never 全程不停下问。4注 4Note 4OpenAI Codex 文档 · Scheduled tasks —— 在后台按日程跑任务;在 ChatGPT 桌面应用与网页的 Work / Codex 里创建管理(CLI / IDE 不提供管理界面,但能先准备测试 prompt)。standalone(每次新对话跑,支持 RRULE 自定义节奏)vs in-chat(回到同一对话、用它已有上下文,支持分钟级循环)。可跑在本地项目或 worktree。无人值守,用你的默认沙箱;组织策略允许时用 approval_policy = never。截至 2026-07-17。OpenAI Codex Docs · Scheduled tasks — run tasks on a schedule in the background; create and manage them in Work / Codex in the ChatGPT desktop app and web (the CLI / IDE don't provide the management UI but can prepare and test a prompt first). Standalone (each run starts a new chat, RRULE custom cadence) vs in-chat (returns to the same chat with its existing context, minute-level loops). Can run in a local project or a worktree. Unattended, using your default sandbox; approval_policy = never when org policy allows. As of 2026-07-17.夜间依赖巡检、晨会前的 PR 摘要,都是它的班次。Scheduled work goes to scheduled tasks: created in the ChatGPT desktop app or web, run in the background on a schedule (the CLI / IDE don't provide the management UI but let you test the prompt first).4注 4Note 4OpenAI Codex 文档 · Scheduled tasks —— 在后台按日程跑任务;在 ChatGPT 桌面应用与网页的 Work / Codex 里创建管理(CLI / IDE 不提供管理界面,但能先准备测试 prompt)。standalone(每次新对话跑,支持 RRULE 自定义节奏)vs in-chat(回到同一对话、用它已有上下文,支持分钟级循环)。可跑在本地项目或 worktree。无人值守,用你的默认沙箱;组织策略允许时用 approval_policy = never。截至 2026-07-17。OpenAI Codex Docs · Scheduled tasks — run tasks on a schedule in the background; create and manage them in Work / Codex in the ChatGPT desktop app and web (the CLI / IDE don't provide the management UI but can prepare and test a prompt first). Standalone (each run starts a new chat, RRULE custom cadence) vs in-chat (returns to the same chat with its existing context, minute-level loops). Can run in a local project or a worktree. Unattended, using your default sandbox; approval_policy = never when org policy allows. As of 2026-07-17. Two forms: standalone opens a new chat each run and supports an RRULE custom cadence, right for independent periodic patrols; in-chat returns to the same chat with its existing context, right for watching one long job. They can run in a local project or a worktree, unattended with your default sandbox — and where org policy allows, approval_policy = never to never stop and ask.4注 4Note 4OpenAI Codex 文档 · Scheduled tasks —— 在后台按日程跑任务;在 ChatGPT 桌面应用与网页的 Work / Codex 里创建管理(CLI / IDE 不提供管理界面,但能先准备测试 prompt)。standalone(每次新对话跑,支持 RRULE 自定义节奏)vs in-chat(回到同一对话、用它已有上下文,支持分钟级循环)。可跑在本地项目或 worktree。无人值守,用你的默认沙箱;组织策略允许时用 approval_policy = never。截至 2026-07-17。OpenAI Codex Docs · Scheduled tasks — run tasks on a schedule in the background; create and manage them in Work / Codex in the ChatGPT desktop app and web (the CLI / IDE don't provide the management UI but can prepare and test a prompt first). Standalone (each run starts a new chat, RRULE custom cadence) vs in-chat (returns to the same chat with its existing context, minute-level loops). Can run in a local project or a worktree. Unattended, using your default sandbox; approval_policy = never when org policy allows. As of 2026-07-17. Nightly dependency patrols and pre-standup PR digests are their shifts.
— IV
无人时的规矩:hooks 与信任Rules for When No One's Watching: Hooks and Trust.
交互会话里,审批弹窗是最后的安全网;无人值守时没有这张网 —— 边界要前置。第 4 章那套沙箱、审批、规则照样在;这一章再加一层 hooks:把你的脚本注入 agentic 循环的固定时点(工具调用前后、会话结束、收工时),用来记录对话、拦下贴出的 API key、收工前跑一遍校验。5注 5Note 5OpenAI Codex 文档 · Hooks —— 把你的脚本注入 agentic 循环(记录对话、拦贴出的 API key、自动生成记忆、收工时跑校验)。配 hooks.json 或 config.toml 的 [hooks],位置 ~/.codex/ 与项目 .codex/(信任项目才加载)。事件含 PreToolUse、PermissionRequest、PostToolUse、UserPromptSubmit、Stop、SubagentStart / Stop、SessionStart。JSON 进 stdin;matcher 按工具名过滤(Bash、apply_patch / Edit|Write、mcp__*)。关键:非托管命令 hook 必须先经你审阅、按当前哈希信任过才许跑,改了就重新标记待审;/hooks 里审阅与信任。GA 于 2026-05,[features] hooks = true 默认。截至 2026-07-17。OpenAI Codex Docs · Hooks — inject your scripts into the agentic loop (log chats, block pasted API keys, auto-generate memories, run a check when a turn stops). Configure via hooks.json or [hooks] in config.toml, located in ~/.codex/ and project .codex/ (loaded only for trusted projects). Events include PreToolUse, PermissionRequest, PostToolUse, UserPromptSubmit, Stop, SubagentStart / Stop, SessionStart. JSON on stdin; matcher filters by tool name (Bash, apply_patch / Edit|Write, mcp__*). Key: a non-managed command hook must be reviewed and trusted against its current hash before it runs, and re-marked for review when changed; review and trust in /hooks. GA in 2026-05, [features] hooks = true by default. As of 2026-07-17.配在 hooks.json 或 config.toml 的 [hooks] 里,事件有 PreToolUse、PostToolUse、Stop、SessionStart 这些,matcher 按工具名筛。5注 5Note 5OpenAI Codex 文档 · Hooks —— 把你的脚本注入 agentic 循环(记录对话、拦贴出的 API key、自动生成记忆、收工时跑校验)。配 hooks.json 或 config.toml 的 [hooks],位置 ~/.codex/ 与项目 .codex/(信任项目才加载)。事件含 PreToolUse、PermissionRequest、PostToolUse、UserPromptSubmit、Stop、SubagentStart / Stop、SessionStart。JSON 进 stdin;matcher 按工具名过滤(Bash、apply_patch / Edit|Write、mcp__*)。关键:非托管命令 hook 必须先经你审阅、按当前哈希信任过才许跑,改了就重新标记待审;/hooks 里审阅与信任。GA 于 2026-05,[features] hooks = true 默认。截至 2026-07-17。OpenAI Codex Docs · Hooks — inject your scripts into the agentic loop (log chats, block pasted API keys, auto-generate memories, run a check when a turn stops). Configure via hooks.json or [hooks] in config.toml, located in ~/.codex/ and project .codex/ (loaded only for trusted projects). Events include PreToolUse, PermissionRequest, PostToolUse, UserPromptSubmit, Stop, SubagentStart / Stop, SessionStart. JSON on stdin; matcher filters by tool name (Bash, apply_patch / Edit|Write, mcp__*). Key: a non-managed command hook must be reviewed and trusted against its current hash before it runs, and re-marked for review when changed; review and trust in /hooks. GA in 2026-05, [features] hooks = true by default. As of 2026-07-17.In an interactive session the approval prompt is the last net; unattended, there is no net — the boundary moves upfront. Chapter 4's sandbox, approvals, and rules still hold; this chapter adds a layer of hooks: your scripts injected at fixed points in the agentic loop (before/after a tool call, at session end, when a turn stops), to log chats, block a pasted API key, or run a check before it finishes.5注 5Note 5OpenAI Codex 文档 · Hooks —— 把你的脚本注入 agentic 循环(记录对话、拦贴出的 API key、自动生成记忆、收工时跑校验)。配 hooks.json 或 config.toml 的 [hooks],位置 ~/.codex/ 与项目 .codex/(信任项目才加载)。事件含 PreToolUse、PermissionRequest、PostToolUse、UserPromptSubmit、Stop、SubagentStart / Stop、SessionStart。JSON 进 stdin;matcher 按工具名过滤(Bash、apply_patch / Edit|Write、mcp__*)。关键:非托管命令 hook 必须先经你审阅、按当前哈希信任过才许跑,改了就重新标记待审;/hooks 里审阅与信任。GA 于 2026-05,[features] hooks = true 默认。截至 2026-07-17。OpenAI Codex Docs · Hooks — inject your scripts into the agentic loop (log chats, block pasted API keys, auto-generate memories, run a check when a turn stops). Configure via hooks.json or [hooks] in config.toml, located in ~/.codex/ and project .codex/ (loaded only for trusted projects). Events include PreToolUse, PermissionRequest, PostToolUse, UserPromptSubmit, Stop, SubagentStart / Stop, SessionStart. JSON on stdin; matcher filters by tool name (Bash, apply_patch / Edit|Write, mcp__*). Key: a non-managed command hook must be reviewed and trusted against its current hash before it runs, and re-marked for review when changed; review and trust in /hooks. GA in 2026-05, [features] hooks = true by default. As of 2026-07-17. Configured in hooks.json or [hooks] in config.toml, with events like PreToolUse, PostToolUse, Stop, and SessionStart, filtered by tool name in the matcher.5注 5Note 5OpenAI Codex 文档 · Hooks —— 把你的脚本注入 agentic 循环(记录对话、拦贴出的 API key、自动生成记忆、收工时跑校验)。配 hooks.json 或 config.toml 的 [hooks],位置 ~/.codex/ 与项目 .codex/(信任项目才加载)。事件含 PreToolUse、PermissionRequest、PostToolUse、UserPromptSubmit、Stop、SubagentStart / Stop、SessionStart。JSON 进 stdin;matcher 按工具名过滤(Bash、apply_patch / Edit|Write、mcp__*)。关键:非托管命令 hook 必须先经你审阅、按当前哈希信任过才许跑,改了就重新标记待审;/hooks 里审阅与信任。GA 于 2026-05,[features] hooks = true 默认。截至 2026-07-17。OpenAI Codex Docs · Hooks — inject your scripts into the agentic loop (log chats, block pasted API keys, auto-generate memories, run a check when a turn stops). Configure via hooks.json or [hooks] in config.toml, located in ~/.codex/ and project .codex/ (loaded only for trusted projects). Events include PreToolUse, PermissionRequest, PostToolUse, UserPromptSubmit, Stop, SubagentStart / Stop, SessionStart. JSON on stdin; matcher filters by tool name (Bash, apply_patch / Edit|Write, mcp__*). Key: a non-managed command hook must be reviewed and trusted against its current hash before it runs, and re-marked for review when changed; review and trust in /hooks. GA in 2026-05, [features] hooks = true by default. As of 2026-07-17.动手 · 把一件活送出你的视线:Hands-on · send one job out of your sight:
01
把一个重复检查做成 codex exec 一行Make one recurring check a codex exec one-liner
挑你每周手动做的一个检查(错字、日志异常、路由清单),写成 codex exec,加 --output-schema 让结果能被脚本消费,挂进 package.json 或 Makefile。Pick a check you do weekly by hand (typos, log anomalies, a route inventory), write it as codex exec with --output-schema so a script can consume it, and hang it in package.json or a Makefile.
02
给团队仓库装上 GitHub ActionInstall the GitHub Action on the team repo
配 openai/codex-action@v1 在 PR 上跑一次小活,把 API key 放进 secrets、safety-strategy 保持 drop-sudo,看它从触发到留言走完全程。Configure openai/codex-action@v1 to run one small job on a PR, put the API key in secrets, keep safety-strategy on drop-sudo, and watch it go from trigger to comment.
03
设一个夜班定时任务,先确认 hook 在跑Put one task on the night shift; confirm the hooks fire first
用定时任务给明早设一个巡检,出发前在 /hooks 里确认你的校验 hook 已被信任 —— 无人时,规矩必须先于活出发。Use a scheduled task to set tomorrow morning's patrol; before it leaves, confirm your check hook is trusted in /hooks — with no one watching, the rules must depart before the work.
活可以不在你眼前跑,
规矩必须先于它出发.
The work can run out of sight;
the rules must leave before it does.
Aklman Library
— 讨论Discussion
讨论Discussion.
评论区初始化中…Initializing comments…
01 / 01
没有匹配结果No matches.
换个关键词,或按 Esc 回到页面Try another keyword, or press Esc to return