I’m accessing Codex through the VSCode extension. I’ve set the mode to “Agent (full access)”. According to OpenAI’s post, “Codex IDE Extension” (I attempted to link this but was not allowed to), “If you need Codex to read files, make edits, and run commands with network access, without approval, you can use Agent (Full Access).” However, Codex asks for my approval for every single change it attempts to make. I’ve attached a screenshot below.
Is there any solution to this issue? As you can see in my screenshot, I can’t even see the changes it is attempting before approving or rejecting them. I have the agent on full access mode because I want to allow it to run its full course after a prompt. I don’t want to have to click approve every time.
I think maybe it’s bug. We need wait OPENAI to fix it. We are nothings to do on windows. But community says maybe cli on linux are not have this issues.
I encountered it on windows. It’s annoying but cmon guys it takes 2 seconds to create a python script that uses opencv to template match the accept button and click on it every 2 seconds….using ai of course.
Same here, but worse, it asks for about 20-30 terminal command approvals even in Chat mode! where it does not intend to modify any files. It can’t parse the file contents directly through VSCode so it’s fetching them from terminal commands.
Here’s a screenshot of me asking a simple question in “Chat” mode. I had to approve 23 terminal commands just so it could read the files and give me answer (no agentic task):
The model itself is great, but the command approval UX is instant regret every time I try to use Codex - I just immediately think it was not worth and I should’ve used copilot despite the paid quote.
I have dramatically decreased my prompts by adding these to the config.toml in VSCode:
approval_policy = “on-request”
model_reasoning_effort = “high”
model_reasoning_summary = “detailed”
Solution is to tell it to not use commands. I have noticed that GPT is not great at consistent tool calling and will start trying to edit files with command line rather than the file edit tool. Once I told it “Only edit files using the standard file edit tool, not with commands” then it had no problems.
I asked ChatGPT and was told to change approval_policy to “on failure”. That seems to work for me>
approval_policy = “on-failure”
The explanation from Codex:
Approval Policy Modes
untrusted – sandbox runs only well-known safe read commands. Anything else pauses for explicit user approval, which is useful when you want maximum control over what executes.
on-failure – (default) commands try once inside the sandbox; if a restriction blocks them, you’re prompted to rerun with elevated access. Good balance between flow and guardrails.
on-request – commands run sandboxed unless you explicitly escalate in the call (with_escalated_permissions: true). Lets you choose, per command, when to break out of the sandbox.
never – you can’t ask for escalations. You must solve tasks entirely within current permissions, so this mode is for environments where escalation is off-limits.
Agreed. This is absolutely ridiculous and dysfunctional.
I’m using it in Chat mode, I clicked “Approve this session” once, and that should have been the end of it.
Yet it was not, and I already ended up wasting 20 minutes clicking through this Session Approval insanity, and I’m STILL not done yet.
Please fix this, as your extension is unusable “as-is”. It may be functional, but it’s not usable.
Look at this. It’s nightmare.
Although it’s arguably less nightmarish than Sora’s so called “image to video” function, which is basically a hoax and a scam, which I can prove (image 2🖼️) I just can’t paste the “video” here.
0.4.17 was causing this for me, i rolled back to 0.4.15 until they fix this nonsense. in extension, click on down arrow next to uninstall and select install specific version.
Look at this. It’s nightmare.
