Automation
In Extending you widened what a single session could reach — an exchange-rate MCP server, hooks that gate the risky moves. Every one of those still assumed you were there: launching Codex, watching it work, answering when it paused. This chapter cuts that cord. We take the same agent you’ve been driving by hand all week and let it run with nobody watching: once a month to produce budgetcli’s report, and on every push to check the transactions that just landed.
That shift sounds minor — same tool, no terminal — but it moves the stakes. In an interactive session the approval prompt is a safety net you half-ignore: when Codex reaches for a shell command outside its sandbox, it stops and asks, and you decide. Take yourself out of the room and that net is gone. There is no one to answer. So everything you set up in Approvals & sandboxing — the -a × -s two axes, network off by default — stops being a convenience and becomes the only thing between an unattended agent and your real financial data. Automation doesn’t add a new safety model; it makes the one you already have load-bearing.
The job we’ll automate
Section titled “The job we’ll automate”Same budgetcli you’ve spent the week trusting with your own money. Two chores keep landing on you by hand:
- The monthly report. At month-end you run the categoriser, total spend by category, compare against each budget, and write up the overspend. It’s mechanical, and it only happens when you remember.
- Checking new transactions. Every time you import a fresh batch of transactions, something needs to recategorise them and run the suite so a bad import doesn’t quietly corrupt months of history.
We’ll make both run on their own — the report from a single headless command, the transaction check wired into CI on every push. The thread running through the whole chapter is the one above: non-interactive means no human to approve a pause, so the run either has the sandbox and approvals it needs settled in advance, or it dies the moment it reaches for something it wasn’t granted.
We’ll build it up in order:
- Generate the monthly report headless with
codex exec— drive Codex from a script, feed it a prompt, read the result back, and exit on a status code - Wire the transaction check into CI on every push — the workflow, the API key, and the sandbox-and-approval posture an unattended run has to commit to up front
- Make CI runs reproducible with
--ignore-user-configand--ignore-rules— strip personal config and project rules so the run behaves the same on any machine, plus a word on org-managed policy - Reach for the Agents SDK when
execruns out of room — what the SDK buys you beyond one-shot calls, and the line where you should cross over to it
By the end you’ll have budgetcli’s report generating itself and its transactions getting checked without you — and, more durably, a feel for the difference between delegating a job to an agent and abandoning one.
Start with the headless command.