Update execpolicy.md (#7595)

2026-04-24 14:45:27 +00:00 · 2025-12-04 09:55:42 -08:00
parent 36edb412b1
commit 404a1ea34b
1 changed files with 14 additions and 2 deletions
--- a/docs/execpolicy.md
+++ b/docs/execpolicy.md
@@ -1,8 +1,20 @@
 # Execpolicy quickstart

-Codex can enforce your own rules-based execution policy before it runs shell commands. Policies live in Starlark `.codexpolicy` files under `~/.codex/policy`.
+Codex can enforce your own rules-based execution policy before it runs shell commands. Policies live in `.codexpolicy` files under `~/.codex/policy`.

-## Create a policy
+## How to create and edit rules
+
+### TUI interactions
+
+Codex CLI will present the option to whitelist commands when a command causes a prompt.
+
+<img width="513" height="168" alt="Screenshot 2025-12-04 at 9 23 54 AM" src="https://github.com/user-attachments/assets/4c8ee8ea-3101-4a81-bb13-3f4a9aa02502" />
+
+Whitelisted commands will no longer require your permission to run in current and subsequent sessions.
+
+Under the hood, when you approve and whitelist a command, codex will edit `~/.codex/policy/default.execpolicy`.
+
+### Editing `.codexpolicy` files

 1. Create a policy directory: `mkdir -p ~/.codex/policy`.
 2. Add one or more `.codexpolicy` files in that folder. Codex automatically loads every `.codexpolicy` file in there on startup.