Codex CLI rules

    Codex CLI rules start with AGENTS.md.

    OpenAI Codex CLI uses AGENTS.md as a primary project rule file: the place to explain how the repo works, what commands to run, and which standards the agent should follow. AgentLint checks that file beside CLAUDE.md, Cursor rules, CI, and hooks.

    01 / AGENTS.md and Codex

    Codex CLI is a terminal-based coding agent. Before it edits files or runs commands, it builds a working prompt from the user request, the local environment, configured tools, and project instructions such as AGENTS.md.

    The useful mental model is parallel to Claude Code and CLAUDE.md. The model still reads code, tests, package files, and command output, but the instruction file is the cheap session-boot briefing. It tells Codex what the repo already decided before the first shell command is run.

    A strong AGENTS.md names the project, the relevant commands, safety boundaries, style constraints, review expectations, and any decisions that are not obvious from source code. It should be concise enough for Codex to use and concrete enough for a human reviewer to verify.

    Repos with multiple agent tools should decide how AGENTS.md relates to adjacent files. It may be the source of truth, or it may point to a shared policy file. What matters is that Codex does not receive a different set of rules than Claude Code, Cursor, CI, or pre-commit hooks.

    02 / Common AGENTS.md failure modes

    Generic AGENTS.md guidance

    Codex can read a README-style briefing, but broad advice like "be careful" or "write maintainable code" does not tell the CLI what command to run, which files to avoid, or when to stop.

    Commands that do not match the repo

    A stale AGENTS.md can point Codex at removed scripts, the wrong package manager, old test paths, or a setup command that only worked before the last migration.

    Conflicts across agent rule files

    Many teams maintain CLAUDE.md, .cursor/rules, Copilot instructions, and AGENTS.md at the same time. If they disagree, Codex gets a noisy session-boot briefing.

    No boundary for risky actions

    Rules about secrets, destructive shell commands, generated files, and release changes need more than prose. Codex should see the policy, and the repo should enforce it mechanically.

    Scope that is not obvious

    Nested instruction files can be useful, but only when the repo makes scope and precedence clear. Otherwise a local rule can look global, or a global rule can hide a directory-specific exception.

    03 / How AgentLint catches them

    Build, test, and lint rules must match actual project scripts, so Codex is not booted with commands that fail before the task begins.

    Harness rules must not contradict CI, hooks, or repository policy, which catches drift between AGENTS.md and the rest of the repo.

    Ask-versus-act boundaries must be stated, so Codex gets explicit stopping rules for risky edits instead of relying on implied intent.

    Run AgentLint on your repo.

    Audit AGENTS.md before Codex treats stale or vague instructions as project policy.

    Run AgentLint on your repo