Codex skill and wrapper to run oh-my-codex from Codex App with project-local isolation.
README from GitHub

Bridge oh-my-codex (OMX) into Codex App safely by keeping the real OMX runtime in the shell and the App session honest about what is and is not active.
This repo ships a single public skill, omx-codex-app-bridge, plus a shell wrapper that:
Yeachan-Heo/oh-my-codex locally./.codex, ./.omx, and ./.omx-codex-app-bridgenpm -g installspostinstall side effects by building with npm --ignore-scriptsskill-installer system skill availablegitnodenpmThis bridge is safer than a global OMX install, but it is not a sandbox.
./.codex/ isolation separates auth, config, skills, and runtime state from ~/.codexThe wrapper therefore uses these launch modes:
launch: safe default, runs upstream OMX with --highlaunch-dangerous: explicit dangerous mode, runs upstream OMX with --madmax --highUse launch-dangerous only when you intentionally want upstream OMX to bypass Codex approvals and sandboxing.
The upstream OMX README says Codex App is not the default experience and may behave inconsistently. This bridge does not try to fake OMX runtime behavior inside the App.
Instead, it teaches the App-side agent to do two things correctly:
That split is the core safety rule.
When you use the wrapper from a project directory, state stays local to that project:
./.codex/ for the isolated Codex home used by OMX./.omx/ for upstream OMX runtime state./.omx-codex-app-bridge/ for the local OMX checkout, wrapper logs, and bridge metadataThe wrapper never copies or syncs ~/.codex/auth.json, ~/.codex/config.toml, or other global Codex files.
skills/
└── omx-codex-app-bridge/
├── SKILL.md
├── agents/openai.yaml
└── scripts/omx-bridge.sh
When Codex uses the installed skill, the wrapper path should be resolved from the skill directory, not from the user's repository:
BRIDGE_SCRIPT="${CODEX_HOME:-$HOME/.codex}/skills/omx-codex-app-bridge/scripts/omx-bridge.sh"
Use the built-in Codex skill-installer script:
INSTALLER="${CODEX_HOME:-$HOME/.codex}/skills/.system/skill-installer/scripts/install-skill-from-github.py"
python3 "$INSTALLER" \
--repo <owner>/<repo> \
--ref main \
--path skills/omx-codex-app-bridge
Or install from a direct GitHub URL:
INSTALLER="${CODEX_HOME:-$HOME/.codex}/skills/.system/skill-installer/scripts/install-skill-from-github.py"
python3 "$INSTALLER" \
--url https://github.com/<owner>/<repo>/tree/main/skills/omx-codex-app-bridge
After installation, restart Codex so it picks up the new skill.
Notes:
GITHUB_TOKEN/GH_TOKENskills/omx-codex-app-bridge/ into your active $CODEX_HOME/skills/Run the wrapper from the target project directory, or set OMX_PROJECT_ROOT explicitly if the script lives elsewhere.
From the project where you want OMX:
OMX_PROJECT_ROOT="$PWD" "$BRIDGE_SCRIPT" bootstrap
OMX_PROJECT_ROOT="$PWD" "$BRIDGE_SCRIPT" setup
OMX_PROJECT_ROOT="$PWD" "$BRIDGE_SCRIPT" codex-login-status
OMX_PROJECT_ROOT="$PWD" "$BRIDGE_SCRIPT" codex-login-device
OMX_PROJECT_ROOT="$PWD" "$BRIDGE_SCRIPT" doctor
OMX_PROJECT_ROOT="$PWD" "$BRIDGE_SCRIPT" launch
Use generic passthrough when you need a specific upstream command:
OMX_PROJECT_ROOT="$PWD" "$BRIDGE_SCRIPT" omx team 3:executor "fix the failing tests"
OMX_PROJECT_ROOT="$PWD" "$BRIDGE_SCRIPT" exec --skip-git-repo-check -C . "Reply with exactly OMX-EXEC-OK"
OMX_PROJECT_ROOT="$PWD" "$BRIDGE_SCRIPT" question --help
OMX_PROJECT_ROOT="$PWD" "$BRIDGE_SCRIPT" launch-dangerous
OMX_PROJECT_ROOT: target project root; defaults to the current working directoryOMX_REPO_URL: upstream OMX repo URLOMX_REPO_REF: upstream commit, tag, or branch; defaults to d56148c2020454acb37082d251f9a6ee9dba9f82OMX_SOURCE_DIR: local checkout path; defaults to ./.omx-codex-app-bridge/vendor/oh-my-codexOMX_ENTRYPOINT: explicit upstream OMX entrypoint overrideCODEX_BIN: Codex CLI binary overrideNODE_BIN, NPM_BIN, GIT_BIN: tool overridesOPENAI_API_KEY: used only by codex-login-api-keyThe default upstream checkout is pinned to the tested oh-my-codex commit:
d56148c2020454acb37082d251f9a6ee9dba9f82
Override OMX_REPO_REF only when you intentionally want a different upstream revision.
bootstrap: clone or reuse the local OMX source checkout, then install deps with --ignore-scripts and buildsetup: run omx setup --scope project against the local projectdoctor: run omx doctorlaunch: run upstream OMX with default args --highlaunch-dangerous: run upstream OMX with explicit dangerous args --madmax --highexec: run omx exec ... with local auth gatingquestion: run omx question ... with local auth gatingomx: generic passthrough to the upstream OMX CLIstatus: print resolved paths plus local login statuscodex-login-status: inspect the project-local Codex auth statecodex-login-device: perform project-local device authcodex-login-api-key: log in with OPENAI_API_KEY, project-local onlycodex-login-api-key only works with a real OpenAI API key. If your main ~/.codex/auth.json is backed by ChatGPT account tokens instead of OPENAI_API_KEY, that is not reusable for this flow and should not be copied into the project. In that case, use codex-login-device for the isolated project login.
Run the wrapper smoke tests with:
bash tests/test-omx-bridge.sh
The tests use stub codex and omx executables and verify:
setup uses project scopelaunch uses --highlaunch-dangerous uses --madmax --high
Este repositório publica uma skill para integrar o oh-my-codex com o Codex App sem fingir que o runtime OMX está ativo quando ele não está.
A regra é simples:
O bootstrap do upstream é feito localmente em ./.omx-codex-app-bridge/vendor/oh-my-codex, com npm --ignore-scripts, justamente para evitar efeitos colaterais inesperados do postinstall.
O isolamento criado aqui é de estado e configuração, não de privilégios do sistema operacional. Por isso o wrapper separa:
launch: modo padrão mais seguro, sem --madmaxlaunch-dangerous: modo explícito para quem realmente quer o bypass de approvals e sandbox do CodexPara autenticação local, codex-login-api-key só serve quando existe uma API key real da OpenAI. Se o ~/.codex principal estiver autenticado por sessão da conta ChatGPT, o fluxo correto para o projeto isolado é codex-login-device.
O checkout upstream do oh-my-codex fica pinado por padrão no commit testado d56148c2020454acb37082d251f9a6ee9dba9f82. Se quiser outro upstream, aí sim você sobrescreve OMX_REPO_REF.
Os diretórios importantes no projeto-alvo são:
./.codex/./.omx/./.omx-codex-app-bridge/Ou seja: sem instalar globalmente, sem copiar credenciais de ~/.codex, e sem contaminar a instalação principal do Codex.
Room context
Read the project first. The room is where the next question becomes a conversation.
Room chat
Join the room to talk.
Read the room now, then continue with GitHub when you want to post.