Skip to content
agents.cli

Two profiles as a daily habit: budget-readonly and budget-build

You met profiles twice already in this course. You bundled approval and sandbox into one named profile so you’d stop re-typing the two trust flags every launch, and you bundled a model and an effort level so the right gear came pre-selected for the kind of work. This lesson isn’t a new feature on top of those — it’s the habit that makes them pay off. A profile you defined once and forgot about saves you nothing. A profile you reach for by name a dozen times a day is the thing that keeps your trust posture honest without any willpower.

The whole habit comes down to a small, almost trivial-sounding idea: have two profiles for budgetcli, and treat switching between them as part of how you work, not an occasional config change.

Why exactly two, and why these two

Section titled “Why exactly two, and why these two”

Across a real day on budgetcli you’re doing one of two fundamentally different things, and they want opposite postures.

Some of the time you’re exploring: reading the categorisation rules engine to understand it, asking the agent to trace where a number comes from, figuring out what you want to change before you change anything. During this, the agent should not be writing files at all, and it certainly shouldn’t be running shell commands that reach your real ledger. The cost of an accidental edit here is pure downside — you weren’t trying to change anything.

The rest of the time you’re building: you’ve decided on the change, you want the agent to edit, run the tests, iterate. Here the read-only posture is just friction — every edit becomes an approval prompt, and you tune out the prompts, which is worse than not having them.

Those two modes want different settings on every dial you’ve learned, so bundle each into a profile and name them for what they’re for, not for what they contain:

~/.codex/config.toml
[profiles.budget-readonly]
approval_policy = "on-request"
sandbox_mode   = "read-only"


[profiles.budget-build]
approval_policy = "on-request"
sandbox_mode   = "workspace-write"

budget-readonly pins the sandbox to read-only: the agent can read every file in the repo and reason all it wants, but it cannot write or run anything that mutates state. budget-build opens the sandbox to workspace-write so edits and tests can happen inside the project — and, crucially, network stays off by default in workspace-write, exactly as you learned in Approvals & sandboxing, so even your building profile can’t quietly reach the real exchange-rate API unless you deliberately open it. Both keep approval_policy at on-request, which is the honest default for work on your own money: the agent asks before anything consequential, and you’re there to answer.

A profile can carry more than the trust dials — model and reasoning effort belong here too, since the config reference lets any top-level key live inside a [profiles.<name>] block. You could give budget-build a heavier effort for the categorisation work and leave budget-readonly light. Resist over-engineering it. The two-profile habit works because it’s two, not eight; the moment you have a profile for every micro-mood you’ve recreated the friction you were trying to remove.

Switching is the actual skill

Section titled “Switching is the actual skill”

Defining the profiles took thirty seconds. The skill — the part that’s a habit — is reaching for the right one at launch and switching the moment the task changes underneath you.

Launch into a profile with --profile (short -p):

Terminal window
codex --profile budget-readonly

You’re now exploring with the agent unable to touch anything. When the exploring turns into a decision — “right, I know what the rule change is, let’s make it” — that’s the switch. End the read-only session and relaunch into budget-build:

Terminal window
codex --profile budget-build

The trigger to switch is not a clock or a checklist; it’s the shape of the task changing. The instant you go from “help me understand this” to “make this change,” your posture should change with it. Run the build, get the edit reviewed and committed, and when you drop back into “now let me check what else this affected,” you drop back to budget-readonly. Read with the leash short, build with it the right length, and never leave it long when you’re only looking around.

If you find yourself living in one profile most days, set it as the default with default_profile in config.toml so a bare codex lands you there, and reserve the explicit -p for the switch. Most people on budgetcli will want budget-readonly as that default — exploring is the safer place to land by accident.

The reflex this builds

Section titled “The reflex this builds”

The reason this is the first lesson of the workflow chapter, and not buried back in the approvals chapter where the mechanics first appeared, is that the mechanics were never the hard part. The hard part is that without a habit, people pick one posture and stay in it all day — usually the loose one, because the tight one is annoying to work in — and then their trust setting has nothing to do with what they’re actually doing at any given moment. Two named profiles and the muscle to switch between them fixes that for free. Your posture tracks your task because changing it costs one flag, and one flag is cheap enough that you’ll actually do it.

Next, the other half of daily friction: briefing the agent well and smoothing the editing surface.