OpenAI Codex release notes: Enterprise gets plugin sharing

OpenAI has added a small but useful Codex change for Enterprise teams: plugin sharing is now available by default in eligible ChatGPT Enterprise workspaces. A team can share a local Codex plugin internally without putting it in a public plugin directory.

OpenAI Codex is OpenAI's coding agent for reading, changing, testing and explaining code. A Codex plugin is a package of reusable instructions, app integrations and sometimes MCP servers. MCP, or Model Context Protocol, is a way to give an agent controlled access to external tools or data sources. An approval gate is the point where a human must approve a sensitive action before the agent continues.

OpenAI Codex release notes: what changed on June 5

OpenAI's Enterprise & Edu release notes for June 5 say plugin sharing is now available by default for eligible ChatGPT Enterprise workspaces in Codex. Users can share local plugins with their workspace, and teammates can install shared plugins from the Codex plugin directory.

Source: OpenAI Help Center, ChatGPT Enterprise & Edu release notes

OpenAI's Codex documentation also describes the flow: open Plugins in the Codex app, go to Created by you, open the plugin details page, select Share, add workspace members or groups, or copy a share link. People who get access find the plugin under Shared with you. The docs also say a shared local plugin stays inside the workspace and organization boundary, and accounts outside that workspace cannot access it.

Source: OpenAI Codex docs, Build plugins

Why plugin sharing matters for Swedish teams

This matters most for organizations that have already found a useful Codex workflow and want to stop rebuilding it from memory. A plugin can carry a routine for code review, support triage, database changes, documentation or internal tool building. Once it can be shared internally, Codex depends less on one person having the right prompt saved somewhere.

That does not mean everything should be connected freely. The practical path is to share small workflows with clear boundaries: scoped API keys, secrets in a secret manager, least privilege, redaction of sensitive output, approval gates before deployment/auth/payment work, and logs that show what the agent did. This is where Hammer Automation's Tool Forge fits: not more loose prompts, but governed tool workflows that teams can test, share and review.

What to test today

Start with an internal plugin that handles a recurring, fairly low-risk task. For example: summarizing pull requests against your review template, preparing release notes from a changelog, or checking that a support answer matches your tone. Share it with a small group first and watch two things: do colleagues use it the same way, and is the result easier to review?

If the plugin needs apps, MCP servers or keys, document the required permissions before more people get it. OpenAI's docs say admins can disable plugin sharing with plugin_sharing = false in requirements.toml, through cloud-managed requirements. That is a useful reminder: plugin sharing should travel with policy, not just enthusiasm.

Source: OpenAI Codex docs, Managed configuration and Build plugins

Short example: use the new Codex feature

Human step: after an admin or workspace owner has confirmed that plugin sharing is allowed, open Plugins in the Codex app, go to Created by you, open the plugin details page, select Share and share it with a small test group. Those are the workspace-sharing steps OpenAI documents.

Source: OpenAI Codex docs, Build plugins

Then paste this into a new Codex thread where the plugin is already installed:

Use the shared customer-support plugin in this workspace. First inspect what skills, tools and app connections it exposes. Then draft a two-step support-triage routine for our team: what the plugin should read, what it may change, which actions need approval, and what log or summary humans should review. Do not call external tools until you have listed the required permissions.

Good output should show:

• which plugin parts Codex plans to use
• which permissions or external apps are required
• where a human should approve, stop or review the work
• which short log the team should keep after the run