OpenAI has rolled out a new capability for its Codex desktop application on macOS that lets the AI agent control your computer remotely, even when the screen is off and locked. This marks a significant expansion of what Codex can do beyond traditional code completion, moving it into the territory of full desktop automation. The feature requires users to install a Computer Use plugin and grant Screen Recording and Accessibility permissions, but it opens up new possibilities for testing, debugging, and automating repetitive workflows.

What Exactly Can Codex Do With Computer Use?

The new Computer Use capability transforms Codex from a code-writing assistant into a desktop agent capable of interacting with graphical user interfaces across multiple applications. Users can send tasks to Codex remotely, and the agent will execute them on permitted apps without requiring the screen to be active or unlocked. This is particularly useful for scenarios where manual interaction would normally be required.

According to OpenAI's developer documentation, the feature is designed for workflows that lack structured integrations and rely on graphical interfaces. MacStories, which tested earlier versions of this technology from the team that joined OpenAI, praised the implementation, calling it "the best computer use feature I have ever tested." The implementation uses parallel cursors that don't necessarily bring applications to the foreground, allowing for more seamless background operation.

What Are the Practical Use Cases for Developers?

For developers and quality assurance teams, this capability addresses a real pain point: automating tasks that can only be done through a graphical interface. OpenAI's documentation lists several concrete examples of what Codex can now handle:

• Testing macOS Applications: Codex can interact with app interfaces to test functionality without manual intervention.
• Reproducing GUI-Only Bugs: When bugs only appear through graphical workflows, Codex can replicate those exact steps automatically.
• Changing Application Settings: The agent can navigate through preference menus and settings dialogs to modify configurations.
• Cross-App Workflow Automation: Codex can execute tasks that span multiple applications, automating manual processes that previously required someone to sit at the keyboard.

This represents a meaningful shift in how developers might approach automation and testing. Instead of writing complex scripts or relying on brittle UI automation frameworks, teams can describe what they want done in natural language and let Codex handle the graphical interaction.

How to Set Up Computer Use in Codex

Getting started with this feature involves a few straightforward steps to ensure proper permissions and security controls are in place:

• Install the Plugin: Users must first install the Computer Use plugin within the Codex desktop application.
• Grant Permissions: When macOS prompts, grant both Screen Recording and Accessibility permissions, which allow Codex to see the interface and simulate user input.
• Approve Applications: Before Codex operates a new application, it will ask for permission; users can mark frequently used apps as "Always allow" to streamline the process.
• Monitor Background Tasks: Since Codex can operate with the screen locked, users should be aware of what tasks are running in the background.

The permission model reflects OpenAI's attempt to balance functionality with security. Rather than granting blanket access to all applications, Codex requires explicit approval for each new app it encounters, and users can whitelist trusted applications for faster operation.

What Are the Security and Privacy Considerations?

The ability for an AI agent to operate a computer while the screen is locked introduces new security and privacy questions that industry observers are watching closely. Screen Recording and Accessibility are platform-level privileges on macOS, and granting them to any application elevates the importance of careful permission management and audit trails.

OpenAI's documentation explicitly emphasizes scoped usage and permission prompts, which aligns with standard platform guidance to minimize broad access. However, the feature does come with some intentional limitations. Codex cannot automate Terminal applications, interact with itself, or bypass system-level administrative prompts. These restrictions are designed to prevent potentially dangerous scenarios where an AI agent could gain elevated system access or modify critical system settings without explicit user intervention.

Industry observers are flagging the need for additional enterprise-focused controls, including session logging, auditability features, and time limits on background tasks. As more organizations adopt AI agents for automation, the ability to audit what an agent did and when becomes increasingly important for compliance and security investigations.

Where Is This Feature Available Right Now?

The Computer Use feature for Codex is rolling out to macOS users, but with geographic restrictions at launch. The capability is not yet available in the European Economic Area, the United Kingdom, or Switzerland. These regional limitations likely reflect different regulatory requirements and data protection frameworks in those jurisdictions.

For developers and teams in supported regions, the feature is available now through the Codex desktop application. OpenAI has not announced a specific timeline for expanding availability to restricted regions, so teams in those areas will need to wait for further updates.

What Should Teams Watch For Going Forward?

As this technology matures, several developments are worth monitoring. First, watch for expansion of regional availability and whether feature scope differs by jurisdiction. Second, look for announcements about enterprise-focused controls such as auditability, session logging, or limited timers for background tasks. Third, monitor for any security reviews or vulnerability reports related to agents using Screen Recording and Accessibility permissions.

OpenAI's documentation also recommends that teams prefer dedicated plugins or integrations over direct graphical automation whenever possible. This suggests a broader philosophy where GUI automation is a fallback option rather than the primary approach. As the ecosystem matures, we may see more structured integrations that reduce the need for agents to interact with graphical interfaces directly.

The Computer Use feature represents a meaningful expansion of what Codex can do, moving it from a code-completion tool into a broader desktop automation agent. For teams managing testing, quality assurance, or repetitive workflows, this capability could meaningfully change how work gets done. At the same time, the security and privacy implications warrant careful consideration and monitoring as adoption grows.