Codex Hooks & Remote SSH Now Generally Available

Codex Hooks and Remote SSH Reach General Availability

On May 14, 2026, OpenAI made two developer-facing extensibility features generally available in Codex: Hooks, which allows custom scripts to intercept and react to Codex's lifecycle events, and Remote SSH, which extends Codex to remote development environments via encrypted connections.

Hooks: Scripting the Agentic Loop

Hooks are an extensibility mechanism that lets developers inject deterministic scripts at key moments in Codex's operation. Rather than accepting a fixed agent behavior, teams can now customize Codex at the lifecycle level — before a prompt is submitted, before a tool call executes, after a tool completes, or when a session starts or ends.

The practical use cases span security, compliance, and productivity:

• Secret scanning — a PreToolUse hook can inspect prompts and block any that contain API keys or credentials before they are sent
• Compliance logging — all Codex messages can be logged automatically via hook scripts for regulatory audit trails
• Context injection — hooks can read the working directory and prepend project-specific instructions to every prompt, eliminating the need to repeat context manually
• Output validation — PostToolUse hooks can run linters or test suites automatically after Codex edits a file, surfacing failures before the agent moves on

Hooks are configured in ~/.codex/hooks.json (user-level), ~/.codex/config.toml, or <repo>/.codex/hooks.json (project-level), enabling both personal and team-wide customizations. They can also be bundled with plugins and toggled via the /hooks slash command inside the TUI. Supported lifecycle events include SessionStart, PreToolUse, PermissionRequest, PostToolUse, UserPromptSubmit, and Stop.

Remote SSH: Extending Codex to Any Machine

Remote SSH brings the full Codex experience to machines developers access via SSH — cloud devboxes, company-managed compute, staging servers, or dedicated build machines. The Codex desktop app reads the developer's existing ~/.ssh/config file, lists recognized hosts, and lets the developer select one as the active environment.

Once connected, Codex launches a remote server process over the SSH session and routes all coding activity — file reads, shell commands, code edits — through that remote machine. Plugins, MCP servers, and credentials configured on the remote host are all available. The full approval and sandboxing model applies identically to remote work.

This is particularly valuable for teams that maintain dedicated development environments with pre-installed dependencies, specific security policies, or bespoke compute resources that are impractical to replicate locally. Instead of provisioning Codex separately on each remote machine, developers connect using their existing SSH credentials and workflows.

For off-network access, OpenAI recommends pairing Remote SSH with VPN or mesh networking tools like Tailscale rather than exposing app-server listeners to the public internet.

Availability and Plans

Both Hooks and Remote SSH are available on all Codex plans. They require the current version of the Codex desktop app on macOS; the same features apply when connecting via the newly launched mobile interface.