ChatGPT Codex Bridge
Self-hosted MCP server that lets ChatGPT work with your local codebase through explicit tools.
README
ChatGPT Codex Bridge
ChatGPT Codex Bridge is a self-hosted MCP server that lets ChatGPT work with your local codebase through explicit tools. It can read, edit, search, run terminal commands, show change summaries, and optionally delegate larger engineering jobs to the local Codex CLI.
The project is designed for people who want ChatGPT to behave more like a local coding agent while keeping the actual source files, terminal, credentials, and tooling on their own machine.
What It Does
- Exposes selected local folders to ChatGPT through MCP.
- Provides workspace-scoped tools for reading, editing, writing, searching, and inspecting files.
- Runs Bash and Windows PowerShell commands for tests, builds, git, package scripts, and local diagnostics.
- Supports permission modes from read-only to full local development access.
- Adds audit snapshots, change summaries, and session rollback for edits made through the bridge.
- Loads project instructions from
AGENTS.mdandCLAUDE.md. - Discovers local skills from bundled and user-configured skill directories.
- Supports ChatGPT Apps-compatible tool cards and workspace UI metadata.
- Can delegate larger tasks to
codex execwith configurable model, reasoning, sandbox, speed, plan policy, and goal policy. - Includes a local settings page for roots, public URL, permission mode, audit, and Codex delegation defaults.
Detailed feature notes are in docs/features.md.
Install
Requirements:
- Node
>=20.12 <27; Node 22 LTS is recommended. - npm.
- Git.
- Bash, such as Git Bash or WSL on Windows.
- A public HTTPS tunnel or reverse proxy when connecting from ChatGPT.
- Optional: OpenAI Codex CLI if you want to use
delegate_to_codex.
Install from a local checkout:
npm install --include=dev
npm run build
node dist/cli.js init
node dist/cli.js serve
After publishing to npm, the same app can be installed globally:
npm install -g chatgpt-codex-bridge
codex-bridge init
codex-bridge serve
The legacy devspace command is also kept as a compatibility alias.
Quick Start
-
Start an HTTPS tunnel to the local server port, usually
7676.cloudflared tunnel --url http://127.0.0.1:7676 -
Initialize the bridge.
codex-bridge initDuring setup, enter:
- the local folders ChatGPT may open;
- the local port, usually
7676; - the public HTTPS origin, without
/mcp.
-
Start the MCP server.
codex-bridge serve -
Add this MCP endpoint to ChatGPT or another MCP host:
https://your-tunnel-host.example.com/mcp -
Approve the connection with the Owner password printed by
init.
The default local settings page is:
http://127.0.0.1:7676/settings
Full deployment instructions are in docs/deployment.md.
Configuration
The bridge stores local config and auth files under:
~/.devspace/config.json
~/.devspace/auth.json
The ~/.devspace path is intentionally retained for backward compatibility.
You can override it with DEVSPACE_CONFIG_DIR.
Common settings:
| Setting | Default | Purpose |
|---|---|---|
DEVSPACE_ALLOWED_ROOTS |
current directory during setup | Filesystem roots ChatGPT may open. |
DEVSPACE_PUBLIC_BASE_URL |
required | Public origin, without /mcp. |
DEVSPACE_PERMISSION_MODE |
safe_shell |
Tool permission policy. |
DEVSPACE_CODEX_DELEGATION |
1 |
Enables delegate_to_codex. |
DEVSPACE_CODEX_DEFAULT_MODEL |
gpt-5.5 |
Default Codex model. |
DEVSPACE_CODEX_DEFAULT_REASONING_EFFORT |
xhigh |
Default reasoning effort. |
DEVSPACE_CODEX_DEFAULT_SPEED |
normal |
Codex service tier, normal or fast. |
See docs/configuration.md for the full reference.
Security Model
This bridge gives a remote MCP client access to local development capabilities. Treat it like granting a trusted coding partner access to your machine.
The safety model is based on:
- a narrow filesystem allowlist;
- an Owner password approval flow;
- OAuth-protected MCP sessions;
- Host header validation;
- permission modes for edits, shells, and Codex delegation;
- audit logs and rollback support for bridge-made file edits.
Do not expose it with broad roots like ~, /, or C:\ unless you understand
the risk. Keep ~/.devspace/auth.json private.
More details are in docs/security.md.
Package
Create a distributable npm tarball:
npm run build
npm pack
The package includes dist, docs, scripts, and README.md.
Local Development
npm install --include=dev
npm run dev
npm run typecheck
npm test
npm run build
npm run start
License
MIT
Recommended Servers
playwright-mcp
A Model Context Protocol server that enables LLMs to interact with web pages through structured accessibility snapshots without requiring vision models or screenshots.
Magic Component Platform (MCP)
An AI-powered tool that generates modern UI components from natural language descriptions, integrating with popular IDEs to streamline UI development workflow.
Audiense Insights MCP Server
Enables interaction with Audiense Insights accounts via the Model Context Protocol, facilitating the extraction and analysis of marketing insights and audience data including demographics, behavior, and influencer engagement.
VeyraX MCP
Single MCP tool to connect all your favorite tools: Gmail, Calendar and 40 more.
graphlit-mcp-server
The Model Context Protocol (MCP) Server enables integration between MCP clients and the Graphlit service. Ingest anything from Slack to Gmail to podcast feeds, in addition to web crawling, into a Graphlit project - and then retrieve relevant contents from the MCP client.
Kagi MCP Server
An MCP server that integrates Kagi search capabilities with Claude AI, enabling Claude to perform real-time web searches when answering questions that require up-to-date information.
E2B
Using MCP to run code via e2b.
Neon Database
MCP server for interacting with Neon Management API and databases
Exa Search
A Model Context Protocol (MCP) server lets AI assistants like Claude use the Exa AI Search API for web searches. This setup allows AI models to get real-time web information in a safe and controlled way.
Qdrant Server
This repository is an example of how to create a MCP server for Qdrant, a vector search engine.