OpenAI Codex release notes: CLI 0.137.0 makes agent work easier to govern

OpenAI Codex changelog for June 4 includes a stable Codex CLI 0.137.0 release. It is not the flashiest kind of update. It is more useful than that: better control around plugin inventory, remote control, budgets, and which environment an approved action belongs to.

Codex CLI is OpenAI's local terminal tool for coding agents. A coding agent is an AI assistant that can read a code project, propose changes, and, when you allow it, work with tools around the project. An approval gate is the point where a human says yes before the agent does something with higher risk.

Source: Codex changelog, June 4, 2026 and GitHub release rust-v0.137.0

OpenAI Codex release notes: CLI 0.137.0 in brief

The first things I would look at are the control surfaces, not the keyboard updates. The release notes say Codex CLI 0.137.0 adds codex plugin list --json, support for starting pairing and listing or revoking remote-control grants, and monthly credit limits in enterprise and admin flows.

There is more practical agent operation in the notes too: permission requests and approvals now carry environment identity, hosted web and image tools are available in more code-mode flows, and multi-agent v2 keeps runtime choice with each thread. That sounds technical, but the point is simple. When Codex gets more tools, teams need to see what is installed, who can control what, and which environment an approval applies to.

Source: OpenAI Codex changelog, GitHub release 0.137.0

Why it matters for Swedish teams

For a Swedish business testing agentic development, this is a small but useful direction: Codex is becoming easier to operate. JSON plugin lists can feed a simple review. Remote-control grants can be listed and revoked. Environment identity on approvals makes it easier to separate a local test environment from production.

That is where safe integration becomes concrete. Put secrets in environment variables or a secret manager, give Codex scoped keys with least privilege, require approval before deploy or auth changes, and log which plugins, grants, and environments were used. That is more useful than saying "do not use real systems". Use real systems when the control is clear enough.

For Hammer Automation, this belongs in Tool Forge: build a working agent routine, but make inventory, approvals, and logs part of the tool itself.

Human step: check the version and plugin list

OpenAI shows the install command for the version in the changelog:

npm install -g @openai/[email protected]

The release notes also say plugin workflows now have machine-readable output:

codex plugin list --json

Run the commands yourself in the right terminal environment if you want to test the update. Then paste the JSON output under the prompt below. The agent should not guess which plugins exist.

Source: Codex changelog, CLI 0.137.0

Short example: use the new Codex feature

Use the Codex 0.137.0 plugin inventory JSON pasted below. Compare it with AGENTS.md and the deployment README. Return a short review of which plugins are needed, which grants or environments need human approval, and what should be logged before Codex changes this repo. Do not change files.

Good output should:

• separate necessary plugins from things that can be turned off
• name which environments or grants need human approval
• propose one simple log line for agent runs
• finish without file changes

What I am watching next

0.137.0 is about control around Codex CLI. The next thing to watch is whether the same pattern gets clearer in the app, Sites, SDKs, and enterprise admin. When plugin lists, remote control, and approvals become machine-readable, small teams can start building an agent queue that can be reviewed, not just a chat that happens to write code.