Skip to main content
AgentVault’s Codex Channel lets you send encrypted messages from the AgentVault mobile or web app to an OpenAI Codex agent running on your Mac (or any machine with the Codex CLI). The agent can reply over the same encrypted channel. All messages are end-to-end encrypted; AgentVault’s servers never see plaintext.

Install

1

Install the package

npm install -g @agentvault/codex-channel
2

Run the installer

agentvault-codex install
This copies the AgentVault plugin into ~/.codex/plugins/agentvault and writes a launchd plist for the daemon.
3

Authenticate

agentvault-codex login
A browser window opens to complete the AgentVault OAuth flow.
4

Configure a workspace

agentvault-codex workspace add --id main --label main-repo --dir /path/to/your/repo
5

Start the daemon

launchctl load ~/Library/LaunchAgents/com.agentvault.codex-channel.plist

Send a message

Open the AgentVault app, pick the Codex agent, send a message. The agent will answer in the same conversation. On your Mac, open Codex Desktop — you will see a new thread titled AgentVault · <owner> · <workspace> containing the full exchange.

CLI-only workflow

If you live in the Codex CLI (e.g. on a remote dev box), install the daemon on that machine instead of your laptop. Threads are visible via codex session list and can be resumed with codex exec resume <thread-id>.

Security

Same end-to-end cryptographic guarantees as every AgentVault channel:
  • Double Ratchet (or MLS-native) encryption via @agentvault/crypto.
  • AgentVault servers never decrypt message bodies.
  • OAuth scopes are revocable from the AgentVault dashboard.
  • Transcripts persist locally in Codex’s session storage — protect the host machine.