Expanded Auto-review documentation
TL;DR
New documentation for Auto-review covers the reviewer lifecycle, trigger conditions, failure behavior, and configuration options. Updates also clarify how Auto-review interacts with the sandbox boundary.
What changed
OpenAI added expanded documentation for the Auto-review feature inside Codex on May 18, 2026. The new pages cover the full reviewer lifecycle, exact trigger conditions, failure modes, and all configuration options.
The updates also spell out how Auto-review respects sandbox boundaries and what happens when a review attempt crosses those limits.
Why it matters
Solo builders who run Codex agents against live codebases now have clearer guardrails instead of guessing at edge cases. This reduces the chance that an agent silently skips reviews or hits sandbox walls without explanation.
The change signals OpenAI is treating Auto-review as a production control rather than an experimental toggle. Teams that rely on Codex for automated pull request checks gain predictability, while those who ignored the sandbox rules may need to adjust workflows.
How to use it
Open the Auto-review section at https://developers.openai.com/codex/concepts/sandboxing/auto-review. Read the lifecycle diagram first, then the trigger and failure tables.
Test the new configuration keys in a non-production workspace before enabling them on main branches. No paid plan change is required; the docs apply to any Codex CLI or app user with review permissions turned on.
Watch for
Confirm the bet if future releases expose the same lifecycle data through the Codex SDK or GitHub Action. The bet breaks if sandbox violations still produce vague errors after the docs claim full coverage. Expect a follow-up move that adds approval-mode overrides tied directly to Auto-review outcomes.
Who this matters for
- Vibe Builders: Audit your agent workflows against the new lifecycle docs to prevent silent review failures.
- Developers: Map your CI/CD triggers to the new configuration keys to ensure sandbox boundaries remain intact.
Harsh’s take
OpenAI moving Auto-review from an experimental toggle to a documented production control is a win for reliability. Most builders have been flying blind on why certain reviews fail or skip, often blaming the model when the issue was actually a sandbox boundary violation. These docs provide the specific failure modes needed to build resilient code agents.
Stop guessing at trigger conditions. The lifecycle diagram is the most important part of this update because it defines exactly when the review process starts and stops. If you are running Codex agents against live repositories, you must align your error handling with these documented failure behaviors.
This is about moving from brittle scripts to predictable, production-grade automation.
by Harsh Desai
About OpenAI Codex
View the full OpenAI Codex page →All OpenAI Codex updatesGo deeper
More AI news
- FeatureHermes Agent verifies work with completion contracts and evidence ledgers
Hermes Agent records verification evidence for coding tasks. The /goal command uses completion contracts to judge success against test runs rather than model assertions.
- FeatureCursor adds cloud agent management to the Agents window
Cursor sets up cloud development environments in under 10 minutes, spins up isolated cloud subagents using /in-cloud, and hands off sessions between local and cloud.
- FeatureCursor introduces /automate skill for automating repetitive tasks
Cursor's new /automate skill creates automations from plain language. Workflows trigger via Slack emojis or GitHub events while cloud agents access virtual computers.