Skip to main content
Corridor integrates with Codex via MCP and hooks, ensuring that code generated by the Codex CLI is checked against your security guardrails.

Prerequisites

  • Codex CLI installed (codex command available in PATH)
  • A Corridor account with a team created

Setup

1

Install the Corridor CLI

Install the Corridor CLI with a single command:
curl -fsSL https://app.corridor.dev/cli/install.sh | bash
The CLI auto-updates on startup, so you’ll always have the latest version.The installer runs corridor install automatically, detects the codex binary in PATH, and sets up the Corridor MCP server, hooks, and agent rules for Codex.The installer simultaneously installs and updates Corridor for all supported CLI tools (including Claude Code and Factory). Run this one time to install Corridor across all of these agents. You will need to re-run the installer again if you download a new agent.
2

Verify the MCP server

Restart Codex if it’s currently running. You can verify the MCP server is connected by running /mcp inside Codex, or by inspecting ~/.codex/config.toml for a [mcp_servers.corridor] entry.
Once configured, Codex will invoke Corridor’s security checks as it writes code, catching vulnerabilities and enforcing your security policies automatically.

Hooks

Hooks are deterministic scripts that run at specific points in the code generation process, enabling real-time security reviews and policy enforcement.
Corridor supports Codex hooks on macOS. MCP has full support on all platforms, so security policies are enforced at the plan level across coding agents.

MCP compliance

Corridor tracks which MCP servers are active and enforces your team’s policies. To configure, navigate to the Compliance tab in the Corridor dashboard and choose Allowlist Mode or Blocklist Mode.

Troubleshooting hooks

If hooks are not running:
  • Run corridor install --force to refresh the MCP entry in ~/.codex/config.toml and the managed hooks payload.
  • On macOS, confirm the managed hooks key is present: 
    defaults read com.openai.codex requirements_toml_base64

Codex auto-approval reviewer

When Codex runs in full-auto mode, its built-in approval reviewer evaluates every MCP tool call. By default it can flag a previously-unseen MCP server as “untrusted external MCP service” and deny corridor.* calls — the symptom is a message like “Automatic approval review denied (risk: high, authorization: low)” in the Codex output. On macOS, corridor install writes a guardian_policy_config block alongside the managed hooks in com.openai.codex requirements_toml_base64. That block tells the reviewer the corridor MCP is trusted internal tooling, so corridor.* calls are auto-approved. If you previously installed Corridor before this was added, run corridor install --force to refresh the policy. If you already have a guardian_policy_config in that same key, the installer appends its trust guidance as a clearly delimited section (between ===== BEGIN Corridor-managed trust policy ... ===== and ===== END Corridor-managed trust policy =====) rather than replacing your policy. Reinstall refreshes only that section; uninstall removes only that section.
Codex reads managed requirements from several layers, and a higher-precedence layer wins. If your guardian_policy_config is enforced through cloud-managed configuration, an MDM profile, or /etc/codex/requirements.toml, the per-user macOS key Corridor writes may not take effect. In that case, add the Corridor-trust guidance to your managed policy directly. If you also configure an mcp_servers allowlist, it must include corridor, otherwise Codex disables the server entirely.

Uninstalling

To remove the Corridor CLI and all its configuration, run the uninstall script: 
curl -fsSL https://app.corridor.dev/cli/uninstall.sh | bash

Next steps

Guardrails

Learn how guardrails protect your code

Corridor MCP

Explore Corridor’s MCP tools