OpenAI on Monday open-sourced a plugin that lets developers run its Codex coding agent directly inside Anthropic's Claude Code, its most prominent competitor. The plugin, built by OpenAI's Dominik Kundel, adds three slash commands that invoke Codex through the local CLI without leaving Claude Code's terminal session. The release arrives while Claude Code holds a growing lead among developers, with Anthropic reporting that paid Claude subscriptions more than doubled in 2026.

Key Takeaways

Three commands, one second opinion

The plugin bundles /codex:review for standard read-only code reviews, /codex:adversarial-review for steerable challenge reviews that pressure-test implementation decisions, and /codex:rescue for handing tasks directly to Codex. All three support background execution. Developers track progress with /codex:status and pull results with /codex:result.

Adversarial review is the deeper option. It targets migrations, authentication changes, infrastructure scripts, and refactors where the real risk is hidden assumptions rather than surface bugs. Standard review inspects the code. Adversarial review questions whether the approach was right in the first place.

Installation runs through Claude Code's plugin marketplace. A ChatGPT subscription (including the free tier) or an OpenAI API key gets you in, plus Node.js 18.18 or later. The plugin delegates to the local Codex CLI and app server rather than spinning up a new runtime, so it inherits whatever authentication, model configuration, and MCP setup a developer already has. No new accounts. No separate billing.

An optional review gate takes the integration further, hooking Codex into Claude Code's stop events to run a targeted review before Claude finishes a task. The project documentation warns this can "create a long-running Claude/Codex loop and may drain usage limits quickly," so it ships disabled by default.

"We love an open ecosystem and Codex should work with you wherever you are," Kundel wrote on X. "Whether that's in our apps, in Xcode, JetBrains, OpenCode, Pi or even Claude Code."

Going where the developers already are

OpenAI launched a broader plugin marketplace for Codex three days before this release, adding integrations for Slack, Figma, Notion, and over 20 other services. That marketplace caught up to a feature Anthropic shipped for Claude Code five months prior. Ars Technica's Samuel Axon was direct about the competitive gap. "If you talk to developers, you'll find a lot more Claude Code users than Codex users," he wrote.

The math tells the rest. Claude Code contributed to a $2.5 billion annualized run rate for Anthropic and generates 135,000 daily commits on GitHub. Codex has reached 1.6 million weekly active users as of early March, more than tripling after the February launch of GPT-5.3 Codex, with enterprise customers like Cisco, Nvidia, and Rakuten on board. But reach and loyalty are different metrics. Claude Code keeps winning the second one.

Plugin architectures are interoperable on both sides. Build for Claude Code, it works on Codex. And the reverse. Sounds neutral. It isn't. Every time a Claude Code user runs /codex:review, OpenAI collects the API charge. One review at a time, that adds up.

Hilarious, useful, or both

Developer reactions split cleanly. "Ok, this is hilarious," wrote Mario Zechner, creator of the libGDX game framework. Dare Obasanjo, a principal program manager at Microsoft, assumed it was "some snarky way of implying you need OpenAI's coding agent to review the bad code generated by Anthropic's."

But others pointed to genuine utility. "I always get Claude and Codex to check each other's work," wrote Austin Wallace. "Claude more often finds big-picture or taste issues with Codex. And Codex more often finds correctness and code quality issues with Claude."

Different models carry different blind spots. Running one against the other is not a stunt. That's the sell. Developers have been doing it manually for months. Three keystrokes now instead of a terminal switch.

A security footnote, same day

The plugin launched on the same day Phantom Labs, the research arm of BeyondTrust, disclosed a critical vulnerability in Codex itself. The flaw allowed command injection through manipulated branch names during task creation, potentially exposing GitHub OAuth tokens. Researchers demonstrated the exploit worked across Codex's web interface, CLI, SDK, and IDE integrations.

OpenAI patched the issue with improved input validation, stronger shell escaping, and tighter token scoping. But the researchers' conclusion stayed pointed. "AI coding agents are not just productivity tools," the report stated. "They are live execution environments with access to sensitive credentials and organizational resources."

For developers weighing whether to wire another agent's credentials into their terminal, the timing landed awkwardly. The plugin reuses local Codex authentication, meaning a compromised install carries risk into both environments.

OpenAI framed the release as an open ecosystem gesture. The posture reads more defensive than generous, though that's almost beside the point. When developers refuse to switch tools, you walk your product through the competitor's front door.

Frequently Asked Questions

What does the Codex plugin for Claude Code do?

It adds three slash commands: /codex:review for code reviews, /codex:adversarial-review for challenge reviews, and /codex:rescue for delegating tasks to Codex. All run through the local Codex CLI.

Do I need a separate account for the plugin?

No. You need a ChatGPT subscription (including the free tier) or an OpenAI API key, plus Node.js 18.18 or later. The plugin uses your existing Codex authentication.

Is the plugin free?

The plugin itself is free and open source. Using it consumes your Codex usage limits or OpenAI API tokens, depending on how you authenticate.

What is the adversarial review command?

It runs a steerable challenge review that questions implementation decisions. It targets migrations, auth changes, and refactors where hidden assumptions are the real risk, not syntax errors.

Can the plugin run in the background?

Yes. All three commands support background execution. Use /codex:status to check progress, /codex:result to see output, and /codex:cancel to stop a running job.

Simon Willison Ships Rodney v0.4.0, a Browser Automation CLI Built for Coding Agents
Simon Willison released Rodney v0.4.0 this week, adding Windows support, a JavaScript assertion engine, and directory-scoped sessions to his CLI tool that lets AI coding agents drive a real browser. T
The Implicator
Anthropic's Cowork Strips the Developer Costume Off Claude Code
Simon Willison has been saying it for months. Claude Code, the terminal-based agent that Anthropic marketed to programmers, was never really a coding tool. It was a general-purpose agent that happened
The Implicator
OpenAI Launches Codex Desktop App for macOS With Multi-Agent Workflows and Doubled Rate Limits
OpenAI released a macOS desktop app for Codex today, turning its AI coding agent into a standalone application that can run multiple agents across different projects at the same time. The company also
The Implicator
Vibe Coding
Marcus Schuler

Marcus Schuler

San Francisco

Tech translator with German roots who fled to Silicon Valley chaos. Decodes startup noise from San Francisco. Launched implicator.ai to slice through AI's daily madness—crisp, clear, with Teutonic precision and sarcasm. E-Mail: [email protected]