Codex CLI
Connect OpenAI’s Codex CLI to LatchGate so every tool call goes through the execution security kernel.
Prerequisites
Section titled “Prerequisites”- LatchGate running (
latchgate upor production deployment) latchgate-mcpbinary on PATH (from GitHub Releases orbrew install latchgate-ai/tap/latchgate)- Codex CLI installed (
npm install -g @openai/codex)
Automatic setup
Section titled “Automatic setup”latchgate-mcp install --ide codexThis writes the MCP server entry to ~/.codex/config.toml under [mcp_servers.latchgate]. Restart Codex to pick up the configuration.
Preview first without writing:
latchgate-mcp install --ide codex --dry-runNote: If you set
CODEX_HOMEto a custom directory,latchgate-mcp installrespects it.
Manual setup
Section titled “Manual setup”Add to ~/.codex/config.toml:
[mcp_servers.latchgate]command = "/usr/local/bin/latchgate-mcp"args = ["serve", "--gate-url", "http://localhost:3000"]
[mcp_servers.latchgate.env]LATCHGATE_AGENT_ID = "codex"RUST_LOG = "warn"Adjust the binary path if installed elsewhere. Use which latchgate-mcp to find it.
Alternatively, use the Codex CLI to register the server:
codex mcp add latchgate \ --env LATCHGATE_AGENT_ID=codex \ --env RUST_LOG=warn \ -- latchgate-mcp serve --gate-url http://localhost:3000End-to-end verification
Section titled “End-to-end verification”- Start LatchGate:
latchgate up - Install config:
latchgate-mcp install --ide codex - Run
codexand use/mcpto confirmlatchgateappears. - Ask the agent to perform an HTTP request.
- Verify the audit trail:
latchgate audit --limit 5 - Confirm the full pipeline: lease => policy => WASM sandbox => receipt.
Production (UDS transport)
Section titled “Production (UDS transport)”Replace --gate-url with UDS + public base URL for production:
[mcp_servers.latchgate]command = "/usr/local/bin/latchgate-mcp"args = ["serve", "--public-base-url", "http://localhost:3000"]
[mcp_servers.latchgate.env]LATCHGATE_AGENT_ID = "codex"RUST_LOG = "warn"For production hardening with UDS transport, see Deployment.