tui

`--enable enable...` is a bad look

.github/workflows/ci.yml

@@ -46,7 +46,7 @@ jobs:
           echo "pack_output=$PACK_OUTPUT" >> "$GITHUB_OUTPUT"
 
       - name: Upload staged npm package artifact
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v6
         with:
           name: codex-npm-staging
           path: ${{ steps.stage_npm_package.outputs.pack_output }}

.github/workflows/rust-ci.yml

@@ -166,7 +166,7 @@ jobs:
       # avoid caching the large target dir on the gnu-dev job.
       - name: Restore cargo home cache
         id: cache_cargo_home_restore
-        uses: actions/cache/restore@v4
+        uses: actions/cache/restore@v5
         with:
           path: |
             ~/.cargo/bin/
@@ -207,7 +207,7 @@ jobs:
       - name: Restore sccache cache (fallback)
         if: ${{ env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true' }}
         id: cache_sccache_restore
-        uses: actions/cache/restore@v4
+        uses: actions/cache/restore@v5
         with:
           path: ${{ github.workspace }}/.sccache/
           key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
@@ -226,7 +226,7 @@ jobs:
       - if: ${{ matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl'}}
         name: Restore APT cache (musl)
         id: cache_apt_restore
-        uses: actions/cache/restore@v4
+        uses: actions/cache/restore@v5
         with:
           path: |
             /var/cache/apt
@@ -280,7 +280,7 @@ jobs:
       - name: Save cargo home cache
         if: always() && !cancelled() && steps.cache_cargo_home_restore.outputs.cache-hit != 'true'
         continue-on-error: true
-        uses: actions/cache/save@v4
+        uses: actions/cache/save@v5
         with:
           path: |
             ~/.cargo/bin/
@@ -292,7 +292,7 @@ jobs:
       - name: Save sccache cache (fallback)
         if: always() && !cancelled() && env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true'
         continue-on-error: true
-        uses: actions/cache/save@v4
+        uses: actions/cache/save@v5
         with:
           path: ${{ github.workspace }}/.sccache/
           key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
@@ -317,7 +317,7 @@ jobs:
       - name: Save APT cache (musl)
         if: always() && !cancelled() && (matrix.target == 'x86_64-unknown-linux-musl' || matrix.target == 'aarch64-unknown-linux-musl') && steps.cache_apt_restore.outputs.cache-hit != 'true'
         continue-on-error: true
-        uses: actions/cache/save@v4
+        uses: actions/cache/save@v5
         with:
           path: |
             /var/cache/apt
@@ -427,7 +427,7 @@ jobs:
 
       - name: Restore cargo home cache
         id: cache_cargo_home_restore
-        uses: actions/cache/restore@v4
+        uses: actions/cache/restore@v5
         with:
           path: |
             ~/.cargo/bin/
@@ -467,7 +467,7 @@ jobs:
       - name: Restore sccache cache (fallback)
         if: ${{ env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true' }}
         id: cache_sccache_restore
-        uses: actions/cache/restore@v4
+        uses: actions/cache/restore@v5
         with:
           path: ${{ github.workspace }}/.sccache/
           key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}
@@ -490,7 +490,7 @@ jobs:
       - name: Save cargo home cache
         if: always() && !cancelled() && steps.cache_cargo_home_restore.outputs.cache-hit != 'true'
         continue-on-error: true
-        uses: actions/cache/save@v4
+        uses: actions/cache/save@v5
         with:
           path: |
             ~/.cargo/bin/
@@ -502,7 +502,7 @@ jobs:
       - name: Save sccache cache (fallback)
         if: always() && !cancelled() && env.USE_SCCACHE == 'true' && env.SCCACHE_GHA_ENABLED != 'true'
         continue-on-error: true
-        uses: actions/cache/save@v4
+        uses: actions/cache/save@v5
         with:
           path: ${{ github.workspace }}/.sccache/
           key: sccache-${{ matrix.runner }}-${{ matrix.target }}-${{ matrix.profile }}-${{ steps.lockhash.outputs.hash }}-${{ github.run_id }}

.github/workflows/rust-release.yml

@@ -84,7 +84,7 @@ jobs:
         with:
           targets: ${{ matrix.target }}
 
-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
         with:
           path: |
             ~/.cargo/bin/
@@ -306,6 +306,8 @@ jobs:
           if [[ "${{ matrix.runner }}" == windows* ]]; then
             cp target/${{ matrix.target }}/release/codex.exe "$dest/codex-${{ matrix.target }}.exe"
             cp target/${{ matrix.target }}/release/codex-responses-api-proxy.exe "$dest/codex-responses-api-proxy-${{ matrix.target }}.exe"
+            cp target/${{ matrix.target }}/release/codex-windows-sandbox-setup.exe "$dest/codex-windows-sandbox-setup-${{ matrix.target }}.exe"
+            cp target/${{ matrix.target }}/release/codex-command-runner.exe "$dest/codex-command-runner-${{ matrix.target }}.exe"
           else
             cp target/${{ matrix.target }}/release/codex "$dest/codex-${{ matrix.target }}"
             cp target/${{ matrix.target }}/release/codex-responses-api-proxy "$dest/codex-responses-api-proxy-${{ matrix.target }}"
@@ -401,7 +403,7 @@ jobs:
             fi
           fi
 
-      - uses: actions/upload-artifact@v5
+      - uses: actions/upload-artifact@v6
         with:
           name: ${{ matrix.target }}
           # Upload the per-binary .zst files as well as the new .tar.gz
@@ -437,7 +439,7 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@v6
 
-      - uses: actions/download-artifact@v4
+      - uses: actions/download-artifact@v7
         with:
           path: dist
 

.github/workflows/shell-tool-mcp.yml

@@ -113,7 +113,7 @@ jobs:
           cp "target/${{ matrix.target }}/release/codex-exec-mcp-server" "$dest/"
           cp "target/${{ matrix.target }}/release/codex-execve-wrapper" "$dest/"
 
-      - uses: actions/upload-artifact@v5
+      - uses: actions/upload-artifact@v6
         with:
           name: shell-tool-mcp-rust-${{ matrix.target }}
           path: artifacts/**
@@ -211,7 +211,7 @@ jobs:
           mkdir -p "$dest"
           cp bash "$dest/bash"
 
-      - uses: actions/upload-artifact@v5
+      - uses: actions/upload-artifact@v6
         with:
           name: shell-tool-mcp-bash-${{ matrix.target }}-${{ matrix.variant }}
           path: artifacts/**
@@ -253,7 +253,7 @@ jobs:
           mkdir -p "$dest"
           cp bash "$dest/bash"
 
-      - uses: actions/upload-artifact@v5
+      - uses: actions/upload-artifact@v6
         with:
           name: shell-tool-mcp-bash-${{ matrix.target }}-${{ matrix.variant }}
           path: artifacts/**
@@ -291,7 +291,7 @@ jobs:
         run: pnpm --filter @openai/codex-shell-tool-mcp run build
 
       - name: Download build artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v7
         with:
           path: artifacts
 
@@ -352,7 +352,7 @@ jobs:
           filename=$(PACK_INFO="$pack_info" node -e 'const data = JSON.parse(process.env.PACK_INFO); console.log(data[0].filename);')
           mv "dist/npm/${filename}" "dist/npm/codex-shell-tool-mcp-npm-${PACKAGE_VERSION}.tgz"
 
-      - uses: actions/upload-artifact@v5
+      - uses: actions/upload-artifact@v6
         with:
           name: codex-shell-tool-mcp-npm
           path: dist/npm/codex-shell-tool-mcp-npm-${{ env.PACKAGE_VERSION }}.tgz
@@ -386,7 +386,7 @@ jobs:
         run: npm install -g npm@latest
 
       - name: Download npm tarball
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v7
         with:
           name: codex-shell-tool-mcp-npm
           path: dist/npm

AGENTS.md

@@ -11,7 +11,6 @@ In the codex-rs folder where the rust code lives:
 - Always collapse if statements per https://rust-lang.github.io/rust-clippy/master/index.html#collapsible_if
 - Always inline format! args when possible per https://rust-lang.github.io/rust-clippy/master/index.html#uninlined_format_args
 - Use method references over closures when possible per https://rust-lang.github.io/rust-clippy/master/index.html#redundant_closure_for_method_calls
-- Do not use unsigned integer even if the number cannot be negative.
 - When writing tests, prefer comparing the equality of entire objects over fields one by one.
 - When making a change that adds or changes an API, ensure that the documentation in the `docs/` folder is up to date if applicable.
 

codex-rs/Cargo.lock

@@ -12,6 +12,154 @@ dependencies = [
  "regex",
 ]
 
+[[package]]
+name = "actix-codec"
+version = "0.5.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5f7b0a21988c1bf877cf4759ef5ddaac04c1c9fe808c9142ecb78ba97d97a28a"
+dependencies = [
+ "bitflags 2.10.0",
+ "bytes",
+ "futures-core",
+ "futures-sink",
+ "memchr",
+ "pin-project-lite",
+ "tokio",
+ "tokio-util",
+ "tracing",
+]
+
+[[package]]
+name = "actix-http"
+version = "3.11.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7926860314cbe2fb5d1f13731e387ab43bd32bca224e82e6e2db85de0a3dba49"
+dependencies = [
+ "actix-codec",
+ "actix-rt",
+ "actix-service",
+ "actix-utils",
+ "bitflags 2.10.0",
+ "bytes",
+ "bytestring",
+ "derive_more 2.0.1",
+ "encoding_rs",
+ "foldhash 0.1.5",
+ "futures-core",
+ "http 0.2.12",
+ "httparse",
+ "httpdate",
+ "itoa",
+ "language-tags",
+ "mime",
+ "percent-encoding",
+ "pin-project-lite",
+ "smallvec",
+ "tokio",
+ "tokio-util",
+ "tracing",
+]
+
+[[package]]
+name = "actix-router"
+version = "0.5.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "13d324164c51f63867b57e73ba5936ea151b8a41a1d23d1031eeb9f70d0236f8"
+dependencies = [
+ "bytestring",
+ "cfg-if",
+ "http 0.2.12",
+ "regex-lite",
+ "serde",
+ "tracing",
+]
+
+[[package]]
+name = "actix-rt"
+version = "2.11.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "92589714878ca59a7626ea19734f0e07a6a875197eec751bb5d3f99e64998c63"
+dependencies = [
+ "futures-core",
+ "tokio",
+]
+
+[[package]]
+name = "actix-server"
+version = "2.6.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a65064ea4a457eaf07f2fba30b4c695bf43b721790e9530d26cb6f9019ff7502"
+dependencies = [
+ "actix-rt",
+ "actix-service",
+ "actix-utils",
+ "futures-core",
+ "futures-util",
+ "mio",
+ "socket2 0.5.10",
+ "tokio",
+ "tracing",
+]
+
+[[package]]
+name = "actix-service"
+version = "2.0.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9e46f36bf0e5af44bdc4bdb36fbbd421aa98c79a9bce724e1edeb3894e10dc7f"
+dependencies = [
+ "futures-core",
+ "pin-project-lite",
+]
+
+[[package]]
+name = "actix-utils"
+version = "3.0.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "88a1dcdff1466e3c2488e1cb5c36a71822750ad43839937f85d2f4d9f8b705d8"
+dependencies = [
+ "local-waker",
+ "pin-project-lite",
+]
+
+[[package]]
+name = "actix-web"
+version = "4.12.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1654a77ba142e37f049637a3e5685f864514af11fcbc51cb51eb6596afe5b8d6"
+dependencies = [
+ "actix-codec",
+ "actix-http",
+ "actix-router",
+ "actix-rt",
+ "actix-server",
+ "actix-service",
+ "actix-utils",
+ "bytes",
+ "bytestring",
+ "cfg-if",
+ "derive_more 2.0.1",
+ "encoding_rs",
+ "foldhash 0.1.5",
+ "futures-core",
+ "futures-util",
+ "impl-more",
+ "itoa",
+ "language-tags",
+ "log",
+ "mime",
+ "once_cell",
+ "pin-project-lite",
+ "regex-lite",
+ "serde",
+ "serde_json",
+ "serde_urlencoded",
+ "smallvec",
+ "socket2 0.6.1",
+ "time",
+ "tracing",
+ "url",
+]
+
 [[package]]
 name = "addr2line"
 version = "0.24.2"
@@ -455,7 +603,7 @@ dependencies = [
  "axum-core",
  "bytes",
  "futures-util",
- "http",
+ "http 1.3.1",
  "http-body",
  "http-body-util",
  "hyper",
@@ -483,7 +631,7 @@ checksum = "68464cd0412f486726fb3373129ef5d2993f90c34bc2bc1c1e9943b2f4fc7ca6"
 dependencies = [
  "bytes",
  "futures-core",
- "http",
+ "http 1.3.1",
  "http-body",
  "http-body-util",
  "mime",
@@ -515,6 +663,12 @@ version = "0.22.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6"
 
+[[package]]
+name = "base64ct"
+version = "1.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "0e050f626429857a27ddccb31e0aca21356bfa709c04041aefddac081a8f068a"
+
 [[package]]
 name = "beef"
 version = "0.5.2"
@@ -620,6 +774,15 @@ version = "1.10.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d71b6127be86fdcfddb610f7182ac57211d4b18a3e9c82eb2d17662f2227ad6a"
 
+[[package]]
+name = "bytestring"
+version = "1.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "113b4343b5f6617e7ad401ced8de3cc8b012e73a594347c307b90db3e9271289"
+dependencies = [
+ "bytes",
+]
+
 [[package]]
 name = "cassowary"
 version = "0.3.0"
@@ -804,7 +967,7 @@ dependencies = [
  "codex-protocol",
  "eventsource-stream",
  "futures",
- "http",
+ "http 1.3.1",
  "pretty_assertions",
  "regex-lite",
  "reqwest",
@@ -840,7 +1003,6 @@ dependencies = [
  "codex-utils-json-to-toml",
  "core_test_support",
  "mcp-types",
- "opentelemetry-appender-tracing",
  "os_info",
  "pretty_assertions",
  "serde",
@@ -863,6 +1025,7 @@ dependencies = [
  "anyhow",
  "clap",
  "codex-protocol",
+ "codex-utils-absolute-path",
  "mcp-types",
  "pretty_assertions",
  "schemars 0.8.22",
@@ -1013,7 +1176,9 @@ dependencies = [
  "bytes",
  "eventsource-stream",
  "futures",
- "http",
+ "http 1.3.1",
+ "opentelemetry",
+ "opentelemetry_sdk",
  "rand 0.9.2",
  "reqwest",
  "serde",
@@ -1021,6 +1186,8 @@ dependencies = [
  "thiserror 2.0.17",
  "tokio",
  "tracing",
+ "tracing-opentelemetry",
+ "tracing-subscriber",
 ]
 
 [[package]]
@@ -1121,7 +1288,7 @@ dependencies = [
  "escargot",
  "eventsource-stream",
  "futures",
- "http",
+ "http 1.3.1",
  "image",
  "indexmap 2.12.0",
  "keyring",
@@ -1159,6 +1326,7 @@ dependencies = [
  "toml 0.9.5",
  "toml_edit",
  "tracing",
+ "tracing-subscriber",
  "tracing-test",
  "tree-sitter",
  "tree-sitter-bash",
@@ -1181,10 +1349,10 @@ dependencies = [
  "codex-common",
  "codex-core",
  "codex-protocol",
+ "codex-utils-absolute-path",
  "core_test_support",
  "libc",
  "mcp-types",
- "opentelemetry-appender-tracing",
  "owo-colors",
  "predicates",
  "pretty_assertions",
@@ -1221,7 +1389,7 @@ dependencies = [
  "serde",
  "serde_json",
  "shlex",
- "socket2 0.6.0",
+ "socket2 0.6.1",
  "tempfile",
  "tokio",
  "tokio-util",
@@ -1320,6 +1488,7 @@ version = "0.0.0"
 dependencies = [
  "clap",
  "codex-core",
+ "codex-utils-absolute-path",
  "landlock",
  "libc",
  "seccompiler",
@@ -1412,12 +1581,14 @@ name = "codex-otel"
 version = "0.0.0"
 dependencies = [
  "chrono",
+ "codex-api",
  "codex-app-server-protocol",
  "codex-protocol",
  "codex-utils-absolute-path",
  "eventsource-stream",
- "http",
+ "http 1.3.1",
  "opentelemetry",
+ "opentelemetry-appender-tracing",
  "opentelemetry-otlp",
  "opentelemetry-semantic-conventions",
  "opentelemetry_sdk",
@@ -1428,6 +1599,8 @@ dependencies = [
  "tokio",
  "tonic",
  "tracing",
+ "tracing-opentelemetry",
+ "tracing-subscriber",
 ]
 
 [[package]]
@@ -1444,6 +1617,7 @@ version = "0.0.0"
 dependencies = [
  "anyhow",
  "codex-git",
+ "codex-utils-absolute-path",
  "codex-utils-image",
  "icu_decimal",
  "icu_locale_core",
@@ -1542,6 +1716,7 @@ dependencies = [
  "codex-file-search",
  "codex-login",
  "codex-protocol",
+ "codex-utils-absolute-path",
  "codex-windows-sandbox",
  "color-eyre",
  "crossterm",
@@ -1555,7 +1730,6 @@ dependencies = [
  "lazy_static",
  "libc",
  "mcp-types",
- "opentelemetry-appender-tracing",
  "pathdiff",
  "pretty_assertions",
  "pulldown-cmark",
@@ -1611,6 +1785,7 @@ dependencies = [
  "codex-login",
  "codex-protocol",
  "codex-tui",
+ "codex-utils-absolute-path",
  "codex-windows-sandbox",
  "color-eyre",
  "crossterm",
@@ -1624,7 +1799,6 @@ dependencies = [
  "lazy_static",
  "libc",
  "mcp-types",
- "opentelemetry-appender-tracing",
  "pathdiff",
  "pretty_assertions",
  "pulldown-cmark",
@@ -1663,16 +1837,18 @@ name = "codex-utils-absolute-path"
 version = "0.0.0"
 dependencies = [
  "path-absolutize",
+ "schemars 0.8.22",
  "serde",
  "serde_json",
  "tempfile",
+ "ts-rs",
 ]
 
 [[package]]
 name = "codex-utils-cache"
 version = "0.0.0"
 dependencies = [
- "lru",
+ "lru 0.16.2",
  "sha1",
  "tokio",
 ]
@@ -1735,6 +1911,7 @@ dependencies = [
  "base64",
  "chrono",
  "codex-protocol",
+ "codex-utils-absolute-path",
  "dirs-next",
  "dunce",
  "rand 0.8.5",
@@ -1877,6 +2054,7 @@ dependencies = [
  "base64",
  "codex-core",
  "codex-protocol",
+ "codex-utils-absolute-path",
  "notify",
  "regex-lite",
  "serde_json",
@@ -2144,6 +2322,16 @@ dependencies = [
  "serde_json",
 ]
 
+[[package]]
+name = "der"
+version = "0.7.10"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e7c1832837b905bbfb5101e07cc24c8deddf52f93225eee6ead5f4d63d53ddcb"
+dependencies = [
+ "pem-rfc7468",
+ "zeroize",
+]
+
 [[package]]
 name = "deranged"
 version = "0.5.4"
@@ -2684,6 +2872,12 @@ version = "0.1.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "d9c4f5dac5e15c24eb999c26181a6ca40b39fe946cbe4c263c7209467bc83af2"
 
+[[package]]
+name = "foldhash"
+version = "0.2.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "77ce24cb58228fbb8aa041425bb1050850ac19177686ea6e0f41a70416f56fdb"
+
 [[package]]
 name = "foreign-types"
 version = "0.3.2"
@@ -2914,7 +3108,7 @@ dependencies = [
  "fnv",
  "futures-core",
  "futures-sink",
- "http",
+ "http 1.3.1",
  "indexmap 2.12.0",
  "slab",
  "tokio",
@@ -2956,7 +3150,7 @@ checksum = "5971ac85611da7067dbfcabef3c70ebb5606018acd9e2a3903a0da507521e0d5"
 dependencies = [
  "allocator-api2",
  "equivalent",
- "foldhash",
+ "foldhash 0.1.5",
 ]
 
 [[package]]
@@ -2964,6 +3158,11 @@ name = "hashbrown"
 version = "0.16.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "5419bdc4f6a9207fbeba6d11b604d481addf78ecd10c11ad51e76c2f6482748d"
+dependencies = [
+ "allocator-api2",
+ "equivalent",
+ "foldhash 0.2.0",
+]
 
 [[package]]
 name = "heck"
@@ -3021,6 +3220,17 @@ dependencies = [
  "windows-link 0.1.3",
 ]
 
+[[package]]
+name = "http"
+version = "0.2.12"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "601cbb57e577e2f5ef5be8e7b83f0f63994f25aa94d673e54a92d5c516d101f1"
+dependencies = [
+ "bytes",
+ "fnv",
+ "itoa",
+]
+
 [[package]]
 name = "http"
 version = "1.3.1"
@@ -3039,7 +3249,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "1efedce1fb8e6913f23e0c92de8e62cd5b772a67e7b3946df930a62566c93184"
 dependencies = [
  "bytes",
- "http",
+ "http 1.3.1",
 ]
 
 [[package]]
@@ -3050,7 +3260,7 @@ checksum = "b021d93e26becf5dc7e1b75b1bed1fd93124b374ceb73f43d4d4eafec896a64a"
 dependencies = [
  "bytes",
  "futures-core",
- "http",
+ "http 1.3.1",
  "http-body",
  "pin-project-lite",
 ]
@@ -3078,7 +3288,7 @@ dependencies = [
  "futures-channel",
  "futures-core",
  "h2",
- "http",
+ "http 1.3.1",
  "http-body",
  "httparse",
  "httpdate",
@@ -3096,7 +3306,7 @@ version = "0.27.7"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "e3c93eb611681b207e1fe55d5a71ecf91572ec8a6705cdb6857f7d8d5242cf58"
 dependencies = [
- "http",
+ "http 1.3.1",
  "hyper",
  "hyper-util",
  "rustls",
@@ -3148,14 +3358,14 @@ dependencies = [
  "futures-channel",
  "futures-core",
  "futures-util",
- "http",
+ "http 1.3.1",
  "http-body",
  "hyper",
  "ipnet",
  "libc",
  "percent-encoding",
  "pin-project-lite",
- "socket2 0.6.0",
+ "socket2 0.5.10",
  "system-configuration",
  "tokio",
  "tower-service",
@@ -3372,6 +3582,12 @@ dependencies = [
  "zune-jpeg 0.5.5",
 ]
 
+[[package]]
+name = "impl-more"
+version = "0.1.9"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e8a5a9a0ff0086c7a148acb942baaabeadf9504d10400b5a05645853729b9cd2"
+
 [[package]]
 name = "indenter"
 version = "0.3.3"
@@ -3689,6 +3905,12 @@ dependencies = [
  "thiserror 2.0.17",
 ]
 
+[[package]]
+name = "language-tags"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d4345964bb142484797b161f473a503a434de77149dd8c7427788c6e13379388"
+
 [[package]]
 name = "lazy_static"
 version = "1.5.0"
@@ -3748,6 +3970,12 @@ version = "0.8.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "241eaef5fd12c88705a01fc1066c48c4b36e0dd4377dcdc7ec3942cea7a69956"
 
+[[package]]
+name = "local-waker"
+version = "0.1.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "4d873d7c67ce09b42110d801813efbc9364414e356be9935700d368351657487"
+
 [[package]]
 name = "lock_api"
 version = "0.4.13"
@@ -3796,6 +4024,15 @@ dependencies = [
  "hashbrown 0.15.4",
 ]
 
+[[package]]
+name = "lru"
+version = "0.16.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "96051b46fc183dc9cd4a223960ef37b9af631b55191852a8274bfef064cda20f"
+dependencies = [
+ "hashbrown 0.16.0",
+]
+
 [[package]]
 name = "lru-slab"
 version = "0.1.2"
@@ -4193,7 +4430,7 @@ dependencies = [
  "base64",
  "chrono",
  "getrandom 0.2.16",
- "http",
+ "http 1.3.1",
  "rand 0.8.5",
  "reqwest",
  "serde",
@@ -4386,7 +4623,7 @@ checksum = "50f6639e842a97dbea8886e3439710ae463120091e2e064518ba8e716e6ac36d"
 dependencies = [
  "async-trait",
  "bytes",
- "http",
+ "http 1.3.1",
  "opentelemetry",
  "reqwest",
 ]
@@ -4397,7 +4634,7 @@ version = "0.30.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "dbee664a43e07615731afc539ca60c6d9f1a9425e25ca09c57bc36c87c55852b"
 dependencies = [
- "http",
+ "http 1.3.1",
  "opentelemetry",
  "opentelemetry-http",
  "opentelemetry-proto",
@@ -4563,6 +4800,15 @@ version = "0.2.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "df94ce210e5bc13cb6651479fa48d14f601d9858cfe0467f43ae157023b938d3"
 
+[[package]]
+name = "pem-rfc7468"
+version = "0.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "88b39c9bfcfc231068454382784bb460aae594343fb030d46e9f50a645418412"
+dependencies = [
+ "base64ct",
+]
+
 [[package]]
 name = "percent-encoding"
 version = "2.3.1"
@@ -4905,7 +5151,7 @@ dependencies = [
  "quinn-udp",
  "rustc-hash",
  "rustls",
- "socket2 0.6.0",
+ "socket2 0.5.10",
  "thiserror 2.0.17",
  "tokio",
  "tracing",
@@ -4942,7 +5188,7 @@ dependencies = [
  "cfg_aliases 0.2.1",
  "libc",
  "once_cell",
- "socket2 0.6.0",
+ "socket2 0.5.10",
  "tracing",
  "windows-sys 0.60.2",
 ]
@@ -5043,7 +5289,7 @@ dependencies = [
  "indoc",
  "instability",
  "itertools 0.13.0",
- "lru",
+ "lru 0.12.5",
  "paste",
  "strum 0.26.3",
  "unicode-segmentation",
@@ -5165,7 +5411,7 @@ dependencies = [
  "futures-core",
  "futures-util",
  "h2",
- "http",
+ "http 1.3.1",
  "http-body",
  "http-body-util",
  "hyper",
@@ -5226,7 +5472,7 @@ dependencies = [
  "bytes",
  "chrono",
  "futures",
- "http",
+ "http 1.3.1",
  "http-body",
  "http-body-util",
  "oauth2",
@@ -5607,13 +5853,14 @@ checksum = "d767eb0aabc880b29956c35734170f26ed551a859dbd361d140cdbeca61ab1e2"
 
 [[package]]
 name = "sentry"
-version = "0.34.0"
+version = "0.46.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5484316556650182f03b43d4c746ce0e3e48074a21e2f51244b648b6542e1066"
+checksum = "d9794f69ad475e76c057e326175d3088509649e3aed98473106b9fe94ba59424"
 dependencies = [
  "httpdate",
  "native-tls",
  "reqwest",
+ "sentry-actix",
  "sentry-backtrace",
  "sentry-contexts",
  "sentry-core",
@@ -5625,22 +5872,34 @@ dependencies = [
 ]
 
 [[package]]
-name = "sentry-backtrace"
-version = "0.34.0"
+name = "sentry-actix"
+version = "0.46.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "40aa225bb41e2ec9d7c90886834367f560efc1af028f1c5478a6cce6a59c463a"
+checksum = "e0fee202934063ace4f1d1d063113b8982293762628e563a2d2fba08fb20b110"
+dependencies = [
+ "actix-http",
+ "actix-web",
+ "bytes",
+ "futures-util",
+ "sentry-core",
+]
+
+[[package]]
+name = "sentry-backtrace"
+version = "0.46.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e81137ad53b8592bd0935459ad74c0376053c40084aa170451e74eeea8dbc6c3"
 dependencies = [
  "backtrace",
- "once_cell",
  "regex",
  "sentry-core",
 ]
 
 [[package]]
 name = "sentry-contexts"
-version = "0.34.0"
+version = "0.46.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1a8dd746da3d16cb8c39751619cefd4fcdbd6df9610f3310fd646b55f6e39910"
+checksum = "cfb403c66cc2651a01b9bacda2e7c22cd51f7e8f56f206aa4310147eb3259282"
 dependencies = [
  "hostname",
  "libc",
@@ -5652,33 +5911,32 @@ dependencies = [
 
 [[package]]
 name = "sentry-core"
-version = "0.34.0"
+version = "0.46.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "161283cfe8e99c8f6f236a402b9ccf726b201f365988b5bb637ebca0abbd4a30"
+checksum = "cfc409727ae90765ca8ea76fe6c949d6f159a11d02e130b357fa652ee9efcada"
 dependencies = [
- "once_cell",
- "rand 0.8.5",
+ "rand 0.9.2",
  "sentry-types",
  "serde",
  "serde_json",
+ "url",
 ]
 
 [[package]]
 name = "sentry-debug-images"
-version = "0.34.0"
+version = "0.46.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8fc6b25e945fcaa5e97c43faee0267eebda9f18d4b09a251775d8fef1086238a"
+checksum = "06a2778a222fd90ebb01027c341a72f8e24b0c604c6126504a4fe34e5500e646"
 dependencies = [
  "findshlibs",
- "once_cell",
  "sentry-core",
 ]
 
 [[package]]
 name = "sentry-panic"
-version = "0.34.0"
+version = "0.46.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bc74f229c7186dd971a9491ffcbe7883544aa064d1589bd30b83fb856cd22d63"
+checksum = "3df79f4e1e72b2a8b75a0ebf49e78709ceb9b3f0b451f13adc92a0361b0aaabe"
 dependencies = [
  "sentry-backtrace",
  "sentry-core",
@@ -5686,10 +5944,11 @@ dependencies = [
 
 [[package]]
 name = "sentry-tracing"
-version = "0.34.0"
+version = "0.46.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "cd3c5faf2103cd01eeda779ea439b68c4ee15adcdb16600836e97feafab362ec"
+checksum = "ff2046f527fd4b75e0b6ab3bd656c67dce42072f828dc4d03c206d15dca74a93"
 dependencies = [
+ "bitflags 2.10.0",
  "sentry-backtrace",
  "sentry-core",
  "tracing-core",
@@ -5698,16 +5957,16 @@ dependencies = [
 
 [[package]]
 name = "sentry-types"
-version = "0.34.0"
+version = "0.46.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5d68cdf6bc41b8ff3ae2a9c4671e97426dcdd154cc1d4b6b72813f285d6b163f"
+checksum = "c7b9b4e4c03a4d3643c18c78b8aa91d2cbee5da047d2fa0ca4bb29bc67e6c55c"
 dependencies = [
  "debugid",
  "hex",
- "rand 0.8.5",
+ "rand 0.9.2",
  "serde",
  "serde_json",
- "thiserror 1.0.69",
+ "thiserror 2.0.17",
  "time",
  "url",
  "uuid",
@@ -6034,12 +6293,12 @@ dependencies = [
 
 [[package]]
 name = "socket2"
-version = "0.6.0"
+version = "0.6.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "233504af464074f9d066d7b5416c5f9b894a5862a6506e306f7b816cdd6f1807"
+checksum = "17129e116933cf371d018bb80ae557e889637989d8638274fb25622827b03881"
 dependencies = [
  "libc",
- "windows-sys 0.59.0",
+ "windows-sys 0.60.2",
 ]
 
 [[package]]
@@ -6605,7 +6864,7 @@ dependencies = [
  "pin-project-lite",
  "signal-hook-registry",
  "slab",
- "socket2 0.6.0",
+ "socket2 0.6.1",
  "tokio-macros",
  "windows-sys 0.59.0",
 ]
@@ -6752,7 +7011,7 @@ dependencies = [
  "base64",
  "bytes",
  "h2",
- "http",
+ "http 1.3.1",
  "http-body",
  "http-body-util",
  "hyper",
@@ -6800,7 +7059,7 @@ dependencies = [
  "bitflags 2.10.0",
  "bytes",
  "futures-util",
- "http",
+ "http 1.3.1",
  "http-body",
  "iri-string",
  "pin-project-lite",
@@ -6887,6 +7146,24 @@ dependencies = [
  "tracing-core",
 ]
 
+[[package]]
+name = "tracing-opentelemetry"
+version = "0.31.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ddcf5959f39507d0d04d6413119c04f33b623f4f951ebcbdddddfad2d0623a9c"
+dependencies = [
+ "js-sys",
+ "once_cell",
+ "opentelemetry",
+ "opentelemetry_sdk",
+ "smallvec",
+ "tracing",
+ "tracing-core",
+ "tracing-log",
+ "tracing-subscriber",
+ "web-time",
+]
+
 [[package]]
 name = "tracing-subscriber"
 version = "0.3.20"
@@ -7103,15 +7380,31 @@ checksum = "8ecb6da28b8a351d773b68d5825ac39017e680750f980f3a1a85cd8dd28a47c1"
 
 [[package]]
 name = "ureq"
-version = "2.12.1"
+version = "3.1.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "02d1a66277ed75f640d608235660df48c8e3c19f3b4edb6a263315626cc3c01d"
+checksum = "d39cb1dbab692d82a977c0392ffac19e188bd9186a9f32806f0aaa859d75585a"
 dependencies = [
  "base64",
+ "der",
  "log",
  "native-tls",
- "once_cell",
- "url",
+ "percent-encoding",
+ "rustls-pki-types",
+ "ureq-proto",
+ "utf-8",
+ "webpki-root-certs",
+]
+
+[[package]]
+name = "ureq-proto"
+version = "0.5.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d81f9efa9df032be5934a46a068815a10a042b494b6a58cb0a1a97bb5467ed6f"
+dependencies = [
+ "base64",
+ "http 1.3.1",
+ "httparse",
+ "log",
 ]
 
 [[package]]
@@ -7132,6 +7425,12 @@ version = "2.1.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "daf8dba3b7eb870caf1ddeed7bc9d2a049f3cfdfae7cb521b087cc33ae4c49da"
 
+[[package]]
+name = "utf-8"
+version = "0.7.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "09cc8ee72d2a9becf2f2febe0205bbed8fc6615b7cb429ad062dc7b7ddd036a9"
+
 [[package]]
 name = "utf8_iter"
 version = "1.0.4"
@@ -7429,6 +7728,15 @@ dependencies = [
  "web-sys",
 ]
 
+[[package]]
+name = "webpki-root-certs"
+version = "1.0.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ee3e3b5f5e80bc89f30ce8d0343bf4e5f12341c51f3e26cbeecbc7c85443e85b"
+dependencies = [
+ "rustls-pki-types",
+]
+
 [[package]]
 name = "webpki-roots"
 version = "1.0.2"
@@ -8015,7 +8323,7 @@ dependencies = [
  "base64",
  "deadpool",
  "futures",
- "http",
+ "http 1.3.1",
  "http-body-util",
  "hyper",
  "hyper-util",

codex-rs/Cargo.toml

@@ -49,7 +49,7 @@ members = [
 resolver = "2"
 
 [workspace.package]
-version = "0.72.0"
+version = "0.0.0"
 # Track the edition for all workspace crates in one place. Individual
 # crates can still override this value, but keeping it here means new
 # crates created with `cargo new -w ...` automatically inherit the 2024
@@ -149,7 +149,7 @@ landlock = "0.4.1"
 lazy_static = "1"
 libc = "0.2.177"
 log = "0.4"
-lru = "0.12.5"
+lru = "0.16.2"
 maplit = "1.0.2"
 mime_guess = "2.0.5"
 multimap = "0.10.0"
@@ -162,6 +162,7 @@ opentelemetry-appender-tracing = "0.30.0"
 opentelemetry-otlp = "0.30.0"
 opentelemetry-semantic-conventions = "0.30.0"
 opentelemetry_sdk = "0.30.0"
+tracing-opentelemetry = "0.31.0"
 os_info = "3.12.0"
 owo-colors = "4.2.0"
 path-absolutize = "3.1.1"
@@ -179,7 +180,7 @@ reqwest = "0.12"
 rmcp = { version = "0.10.0", default-features = false }
 schemars = "0.8.22"
 seccompiler = "0.5.0"
-sentry = "0.34.0"
+sentry = "0.46.0"
 serde = "1"
 serde_json = "1"
 serde_with = "3.16"
@@ -189,7 +190,7 @@ sha1 = "0.10.6"
 sha2 = "0.10"
 shlex = "1.3.0"
 similar = "2.7.0"
-socket2 = "0.6.0"
+socket2 = "0.6.1"
 starlark = "0.13.0"
 strum = "0.27.2"
 strum_macros = "0.27.2"

codex-rs/app-server-protocol/Cargo.toml

@@ -15,6 +15,7 @@ workspace = true
 anyhow = { workspace = true }
 clap = { workspace = true, features = ["derive"] }
 codex-protocol = { workspace = true }
+codex-utils-absolute-path = { workspace = true }
 mcp-types = { workspace = true }
 schemars = { workspace = true }
 serde = { workspace = true, features = ["derive"] }

codex-rs/app-server-protocol/src/export.rs

@@ -31,6 +31,7 @@ use std::process::Command;
 use ts_rs::TS;
 
 const HEADER: &str = "// GENERATED CODE! DO NOT MODIFY BY HAND!\n\n";
+const IGNORED_DEFINITIONS: &[&str] = &["Option<()>"];
 
 #[derive(Clone)]
 pub struct GeneratedSchema {
@@ -184,7 +185,6 @@ fn build_schema_bundle(schemas: Vec<GeneratedSchema>) -> Result<Value> {
         "ServerNotification",
         "ServerRequest",
     ];
-    const IGNORED_DEFINITIONS: &[&str] = &["Option<()>"];
 
     let namespaced_types = collect_namespaced_types(&schemas);
     let mut definitions = Map::new();
@@ -304,8 +304,11 @@ where
         out_dir.join(format!("{file_stem}.json"))
     };
 
-    write_pretty_json(out_path, &schema_value)
-        .with_context(|| format!("Failed to write JSON schema for {file_stem}"))?;
+    if !IGNORED_DEFINITIONS.contains(&logical_name) {
+        write_pretty_json(out_path, &schema_value)
+            .with_context(|| format!("Failed to write JSON schema for {file_stem}"))?;
+    }
+
     let namespace = match raw_namespace {
         Some("v1") | None => None,
         Some(ns) => Some(ns.to_string()),

codex-rs/app-server-protocol/src/protocol/common.rs

@@ -121,6 +121,10 @@ client_request_definitions! {
         params: v2::ThreadCompactParams,
         response: v2::ThreadCompactResponse,
     },
+    SkillsList => "skills/list" {
+        params: v2::SkillsListParams,
+        response: v2::SkillsListResponse,
+    },
     TurnStart => "turn/start" {
         params: v2::TurnStartParams,
         response: v2::TurnStartResponse,

codex-rs/app-server-protocol/src/protocol/v1.rs

@@ -16,6 +16,7 @@ use codex_protocol::protocol::ReviewDecision;
 use codex_protocol::protocol::SandboxPolicy;
 use codex_protocol::protocol::SessionSource;
 use codex_protocol::protocol::TurnAbortReason;
+use codex_utils_absolute_path::AbsolutePathBuf;
 use schemars::JsonSchema;
 use serde::Deserialize;
 use serde::Serialize;
@@ -359,7 +360,7 @@ pub struct Tools {
 #[serde(rename_all = "camelCase")]
 pub struct SandboxSettings {
     #[serde(default)]
-    pub writable_roots: Vec<PathBuf>,
+    pub writable_roots: Vec<AbsolutePathBuf>,
     pub network_access: Option<bool>,
     pub exclude_tmpdir_env_var: Option<bool>,
     pub exclude_slash_tmp: Option<bool>,

codex-rs/app-server-protocol/src/protocol/v2.rs

@@ -21,9 +21,13 @@ use codex_protocol::protocol::CreditsSnapshot as CoreCreditsSnapshot;
 use codex_protocol::protocol::RateLimitSnapshot as CoreRateLimitSnapshot;
 use codex_protocol::protocol::RateLimitWindow as CoreRateLimitWindow;
 use codex_protocol::protocol::SessionSource as CoreSessionSource;
+use codex_protocol::protocol::SkillErrorInfo as CoreSkillErrorInfo;
+use codex_protocol::protocol::SkillMetadata as CoreSkillMetadata;
+use codex_protocol::protocol::SkillScope as CoreSkillScope;
 use codex_protocol::protocol::TokenUsage as CoreTokenUsage;
 use codex_protocol::protocol::TokenUsageInfo as CoreTokenUsageInfo;
 use codex_protocol::user_input::UserInput as CoreUserInput;
+use codex_utils_absolute_path::AbsolutePathBuf;
 use mcp_types::ContentBlock as McpContentBlock;
 use mcp_types::Resource as McpResource;
 use mcp_types::ResourceTemplate as McpResourceTemplate;
@@ -420,7 +424,7 @@ pub enum SandboxPolicy {
     #[ts(rename_all = "camelCase")]
     WorkspaceWrite {
         #[serde(default)]
-        writable_roots: Vec<PathBuf>,
+        writable_roots: Vec<AbsolutePathBuf>,
         #[serde(default)]
         network_access: bool,
         #[serde(default)]
@@ -966,6 +970,87 @@ pub struct ThreadCompactParams {
 #[ts(export_to = "v2/")]
 pub struct ThreadCompactResponse {}
 
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct SkillsListParams {
+    /// When empty, defaults to the current session working directory.
+    #[serde(default, skip_serializing_if = "Vec::is_empty")]
+    pub cwds: Vec<PathBuf>,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct SkillsListResponse {
+    pub data: Vec<SkillsListEntry>,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, Copy, PartialEq, Eq, JsonSchema, TS)]
+#[serde(rename_all = "snake_case")]
+#[ts(rename_all = "snake_case")]
+#[ts(export_to = "v2/")]
+pub enum SkillScope {
+    User,
+    Repo,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct SkillMetadata {
+    pub name: String,
+    pub description: String,
+    pub path: PathBuf,
+    pub scope: SkillScope,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct SkillErrorInfo {
+    pub path: PathBuf,
+    pub message: String,
+}
+
+#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
+#[serde(rename_all = "camelCase")]
+#[ts(export_to = "v2/")]
+pub struct SkillsListEntry {
+    pub cwd: PathBuf,
+    pub skills: Vec<SkillMetadata>,
+    pub errors: Vec<SkillErrorInfo>,
+}
+
+impl From<CoreSkillMetadata> for SkillMetadata {
+    fn from(value: CoreSkillMetadata) -> Self {
+        Self {
+            name: value.name,
+            description: value.description,
+            path: value.path,
+            scope: value.scope.into(),
+        }
+    }
+}
+
+impl From<CoreSkillScope> for SkillScope {
+    fn from(value: CoreSkillScope) -> Self {
+        match value {
+            CoreSkillScope::User => Self::User,
+            CoreSkillScope::Repo => Self::Repo,
+        }
+    }
+}
+
+impl From<CoreSkillErrorInfo> for SkillErrorInfo {
+    fn from(value: CoreSkillErrorInfo) -> Self {
+        Self {
+            path: value.path,
+            message: value.message,
+        }
+    }
+}
+
 #[derive(Serialize, Deserialize, Debug, Clone, PartialEq, JsonSchema, TS)]
 #[serde(rename_all = "camelCase")]
 #[ts(export_to = "v2/")]

codex-rs/app-server/Cargo.toml

@@ -43,7 +43,6 @@ tokio = { workspace = true, features = [
 ] }
 tracing = { workspace = true, features = ["log"] }
 tracing-subscriber = { workspace = true, features = ["env-filter", "fmt"] }
-opentelemetry-appender-tracing = { workspace = true }
 uuid = { workspace = true, features = ["serde", "v7"] }
 
 [dev-dependencies]

codex-rs/app-server/README.md

@@ -65,6 +65,7 @@ Example (from OpenAI's official VSCode extension):
 - `review/start` — kick off Codex’s automated reviewer for a thread; responds like `turn/start` and emits `item/started`/`item/completed` notifications with `enteredReviewMode` and `exitedReviewMode` items, plus a final assistant `agentMessage` containing the review.
 - `command/exec` — run a single command under the server sandbox without starting a thread/turn (handy for utilities and validation).
 - `model/list` — list available models (with reasoning effort options).
+- `skills/list` — list skills for one or more `cwd` values.
 - `mcpServer/oauth/login` — start an OAuth login for a configured MCP server; returns an `authorization_url` and later emits `mcpServer/oauthLogin/completed` once the browser flow finishes.
 - `mcpServers/list` — enumerate configured MCP servers with their tools, resources, resource templates, and auth status; supports cursor+limit pagination.
 - `feedback/upload` — submit a feedback report (classification + optional reason/logs and conversation_id); returns the tracking thread id.

codex-rs/app-server/src/codex_message_processor.rs

@@ -81,6 +81,8 @@ use codex_app_server_protocol::ServerNotification;
 use codex_app_server_protocol::SessionConfiguredNotification;
 use codex_app_server_protocol::SetDefaultModelParams;
 use codex_app_server_protocol::SetDefaultModelResponse;
+use codex_app_server_protocol::SkillsListParams;
+use codex_app_server_protocol::SkillsListResponse;
 use codex_app_server_protocol::Thread;
 use codex_app_server_protocol::ThreadArchiveParams;
 use codex_app_server_protocol::ThreadArchiveResponse;
@@ -373,6 +375,9 @@ impl CodexMessageProcessor {
                 self.send_unimplemented_error(request_id, "thread/compact")
                     .await;
             }
+            ClientRequest::SkillsList { request_id, params } => {
+                self.skills_list(request_id, params).await;
+            }
             ClientRequest::TurnStart { request_id, params } => {
                 self.turn_start(request_id, params).await;
             }
@@ -1265,7 +1270,7 @@ impl CodexMessageProcessor {
         let mut cli_overrides = cli_overrides.unwrap_or_default();
         if cfg!(windows) && self.config.features.enabled(Feature::WindowsSandbox) {
             cli_overrides.insert(
-                "features.enable_experimental_windows_sandbox".to_string(),
+                "features.experimental_windows_sandbox".to_string(),
                 serde_json::json!(true),
             );
         }
@@ -2182,7 +2187,7 @@ impl CodexMessageProcessor {
                 let mut cli_overrides = cli_overrides.unwrap_or_default();
                 if cfg!(windows) && self.config.features.enabled(Feature::WindowsSandbox) {
                     cli_overrides.insert(
-                        "features.enable_experimental_windows_sandbox".to_string(),
+                        "features.experimental_windows_sandbox".to_string(),
                         serde_json::json!(true),
                     );
                 }
@@ -2615,6 +2620,42 @@ impl CodexMessageProcessor {
             .await;
     }
 
+    async fn skills_list(&self, request_id: RequestId, params: SkillsListParams) {
+        let SkillsListParams { cwds } = params;
+        let cwds = if cwds.is_empty() {
+            vec![self.config.cwd.clone()]
+        } else {
+            cwds
+        };
+
+        let data = if self.config.features.enabled(Feature::Skills) {
+            let skills_manager = self.conversation_manager.skills_manager();
+            cwds.into_iter()
+                .map(|cwd| {
+                    let outcome = skills_manager.skills_for_cwd(&cwd);
+                    let errors = errors_to_info(&outcome.errors);
+                    let skills = skills_to_info(&outcome.skills);
+                    codex_app_server_protocol::SkillsListEntry {
+                        cwd,
+                        skills,
+                        errors,
+                    }
+                })
+                .collect()
+        } else {
+            cwds.into_iter()
+                .map(|cwd| codex_app_server_protocol::SkillsListEntry {
+                    cwd,
+                    skills: Vec::new(),
+                    errors: Vec::new(),
+                })
+                .collect()
+        };
+        self.outgoing
+            .send_response(request_id, SkillsListResponse { data })
+            .await;
+    }
+
     async fn interrupt_conversation(
         &mut self,
         request_id: RequestId,
@@ -3260,6 +3301,32 @@ impl CodexMessageProcessor {
     }
 }
 
+fn skills_to_info(
+    skills: &[codex_core::skills::SkillMetadata],
+) -> Vec<codex_app_server_protocol::SkillMetadata> {
+    skills
+        .iter()
+        .map(|skill| codex_app_server_protocol::SkillMetadata {
+            name: skill.name.clone(),
+            description: skill.description.clone(),
+            path: skill.path.clone(),
+            scope: skill.scope.into(),
+        })
+        .collect()
+}
+
+fn errors_to_info(
+    errors: &[codex_core::skills::SkillError],
+) -> Vec<codex_app_server_protocol::SkillErrorInfo> {
+    errors
+        .iter()
+        .map(|err| codex_app_server_protocol::SkillErrorInfo {
+            path: err.path.clone(),
+            message: err.message.clone(),
+        })
+        .collect()
+}
+
 async fn derive_config_from_params(
     overrides: ConfigOverrides,
     cli_overrides: Option<std::collections::HashMap<String, serde_json::Value>>,

codex-rs/app-server/src/lib.rs

@@ -3,7 +3,6 @@
 use codex_common::CliConfigOverrides;
 use codex_core::config::Config;
 use codex_core::config::ConfigOverrides;
-use opentelemetry_appender_tracing::layer::OpenTelemetryTracingBridge;
 use std::io::ErrorKind;
 use std::io::Result as IoResult;
 use std::path::PathBuf;
@@ -103,6 +102,7 @@ pub async fn run_main(
     // control the log level with `RUST_LOG`.
     let stderr_fmt = tracing_subscriber::fmt::layer()
         .with_writer(std::io::stderr)
+        .with_span_events(tracing_subscriber::fmt::format::FmtSpan::FULL)
         .with_filter(EnvFilter::from_default_env());
 
     let feedback_layer = tracing_subscriber::fmt::layer()
@@ -111,14 +111,15 @@ pub async fn run_main(
         .with_target(false)
         .with_filter(Targets::new().with_default(Level::TRACE));
 
+    let otel_logger_layer = otel.as_ref().and_then(|o| o.logger_layer());
+
+    let otel_tracing_layer = otel.as_ref().and_then(|o| o.tracing_layer());
+
     let _ = tracing_subscriber::registry()
         .with(stderr_fmt)
         .with(feedback_layer)
-        .with(otel.as_ref().map(|provider| {
-            OpenTelemetryTracingBridge::new(&provider.logger).with_filter(
-                tracing_subscriber::filter::filter_fn(codex_core::otel_init::codex_export_filter),
-            )
-        }))
+        .with(otel_logger_layer)
+        .with(otel_tracing_layer)
         .try_init();
 
     // Task: process incoming messages.

codex-rs/app-server/tests/common/lib.rs

@@ -14,6 +14,9 @@ pub use core_test_support::format_with_current_shell;
 pub use core_test_support::format_with_current_shell_display;
 pub use core_test_support::format_with_current_shell_display_non_login;
 pub use core_test_support::format_with_current_shell_non_login;
+pub use core_test_support::test_path_buf_with_windows;
+pub use core_test_support::test_tmp_path;
+pub use core_test_support::test_tmp_path_buf;
 pub use mcp_process::McpProcess;
 pub use mock_model_server::create_mock_chat_completions_server;
 pub use mock_model_server::create_mock_chat_completions_server_unchecked;

codex-rs/app-server/tests/suite/codex_message_processor_flow.rs

@@ -410,7 +410,7 @@ async fn test_send_user_turn_updates_sandbox_and_cwd_between_turns() -> Result<(
             cwd: first_cwd.clone(),
             approval_policy: AskForApproval::Never,
             sandbox_policy: SandboxPolicy::WorkspaceWrite {
-                writable_roots: vec![first_cwd.clone()],
+                writable_roots: vec![first_cwd.try_into()?],
                 network_access: false,
                 exclude_tmpdir_env_var: false,
                 exclude_slash_tmp: false,

codex-rs/app-server/tests/suite/config.rs

@@ -1,5 +1,6 @@
 use anyhow::Result;
 use app_test_support::McpProcess;
+use app_test_support::test_tmp_path;
 use app_test_support::to_response;
 use codex_app_server_protocol::GetUserSavedConfigResponse;
 use codex_app_server_protocol::JSONRPCResponse;
@@ -23,10 +24,12 @@ use tokio::time::timeout;
 const DEFAULT_READ_TIMEOUT: std::time::Duration = std::time::Duration::from_secs(10);
 
 fn create_config_toml(codex_home: &Path) -> std::io::Result<()> {
+    let writable_root = test_tmp_path();
     let config_toml = codex_home.join("config.toml");
     std::fs::write(
         config_toml,
-        r#"
+        format!(
+            r#"
 model = "gpt-5.1-codex-max"
 approval_policy = "on-request"
 sandbox_mode = "workspace-write"
@@ -38,7 +41,7 @@ forced_chatgpt_workspace_id = "12345678-0000-0000-0000-000000000000"
 forced_login_method = "chatgpt"
 
 [sandbox_workspace_write]
-writable_roots = ["/tmp"]
+writable_roots = [{}]
 network_access = true
 exclude_tmpdir_env_var = true
 exclude_slash_tmp = true
@@ -56,6 +59,8 @@ model_verbosity = "medium"
 model_provider = "openai"
 chatgpt_base_url = "https://api.chatgpt.com"
 "#,
+            serde_json::json!(writable_root)
+        ),
     )
 }
 
@@ -75,12 +80,13 @@ async fn get_config_toml_parses_all_fields() -> Result<()> {
     .await??;
 
     let config: GetUserSavedConfigResponse = to_response(resp)?;
+    let writable_root = test_tmp_path();
     let expected = GetUserSavedConfigResponse {
         config: UserSavedConfig {
             approval_policy: Some(AskForApproval::OnRequest),
             sandbox_mode: Some(SandboxMode::WorkspaceWrite),
             sandbox_settings: Some(SandboxSettings {
-                writable_roots: vec!["/tmp".into()],
+                writable_roots: vec![writable_root],
                 network_access: Some(true),
                 exclude_tmpdir_env_var: Some(true),
                 exclude_slash_tmp: Some(true),

codex-rs/app-server/tests/suite/v2/config_rpc.rs

@@ -1,5 +1,7 @@
 use anyhow::Result;
 use app_test_support::McpProcess;
+use app_test_support::test_path_buf_with_windows;
+use app_test_support::test_tmp_path_buf;
 use app_test_support::to_response;
 use codex_app_server_protocol::AskForApproval;
 use codex_app_server_protocol::ConfigBatchWriteParams;
@@ -18,7 +20,6 @@ use codex_app_server_protocol::ToolsV2;
 use codex_app_server_protocol::WriteStatus;
 use pretty_assertions::assert_eq;
 use serde_json::json;
-use std::path::PathBuf;
 use tempfile::TempDir;
 use tokio::time::timeout;
 
@@ -135,29 +136,37 @@ view_image = false
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
 async fn config_read_includes_system_layer_and_overrides() -> Result<()> {
     let codex_home = TempDir::new()?;
+    let user_dir = test_path_buf_with_windows("/user", Some(r"C:\Users\user"));
+    let system_dir = test_path_buf_with_windows("/system", Some(r"C:\System"));
     write_config(
         &codex_home,
-        r#"
+        &format!(
+            r#"
 model = "gpt-user"
 approval_policy = "on-request"
 sandbox_mode = "workspace-write"
 
 [sandbox_workspace_write]
-writable_roots = ["/user"]
+writable_roots = [{}]
 network_access = true
 "#,
+            serde_json::json!(user_dir)
+        ),
     )?;
 
     let managed_path = codex_home.path().join("managed_config.toml");
     std::fs::write(
         &managed_path,
-        r#"
+        format!(
+            r#"
 model = "gpt-system"
 approval_policy = "never"
 
 [sandbox_workspace_write]
-writable_roots = ["/system"]
+writable_roots = [{}]
 "#,
+            serde_json::json!(system_dir.clone())
+        ),
     )?;
 
     let managed_path_str = managed_path.display().to_string();
@@ -207,7 +216,7 @@ writable_roots = ["/system"]
         .sandbox_workspace_write
         .as_ref()
         .expect("sandbox workspace write");
-    assert_eq!(sandbox.writable_roots, vec![PathBuf::from("/system")]);
+    assert_eq!(sandbox.writable_roots, vec![system_dir]);
     assert_eq!(
         origins
             .get("sandbox_workspace_write.writable_roots.0")
@@ -350,6 +359,7 @@ async fn config_batch_write_applies_multiple_edits() -> Result<()> {
     let mut mcp = McpProcess::new(codex_home.path()).await?;
     timeout(DEFAULT_READ_TIMEOUT, mcp.initialize()).await??;
 
+    let writable_root = test_tmp_path_buf();
     let batch_id = mcp
         .send_config_batch_write_request(ConfigBatchWriteParams {
             file_path: Some(codex_home.path().join("config.toml").display().to_string()),
@@ -362,7 +372,7 @@ async fn config_batch_write_applies_multiple_edits() -> Result<()> {
                 ConfigEdit {
                     key_path: "sandbox_workspace_write".to_string(),
                     value: json!({
-                        "writable_roots": ["/tmp"],
+                        "writable_roots": [writable_root.clone()],
                         "network_access": false
                     }),
                     merge_strategy: MergeStrategy::Replace,
@@ -404,7 +414,7 @@ async fn config_batch_write_applies_multiple_edits() -> Result<()> {
         .sandbox_workspace_write
         .as_ref()
         .expect("sandbox workspace write");
-    assert_eq!(sandbox.writable_roots, vec![PathBuf::from("/tmp")]);
+    assert_eq!(sandbox.writable_roots, vec![writable_root]);
     assert!(!sandbox.network_access);
 
     Ok(())

codex-rs/app-server/tests/suite/v2/turn_start.rs

@@ -532,7 +532,7 @@ async fn turn_start_updates_sandbox_and_cwd_between_turns_v2() -> Result<()> {
             cwd: Some(first_cwd.clone()),
             approval_policy: Some(codex_app_server_protocol::AskForApproval::Never),
             sandbox_policy: Some(codex_app_server_protocol::SandboxPolicy::WorkspaceWrite {
-                writable_roots: vec![first_cwd.clone()],
+                writable_roots: vec![first_cwd.try_into()?],
                 network_access: false,
                 exclude_tmpdir_env_var: false,
                 exclude_slash_tmp: false,

codex-rs/codex-api/src/endpoint/responses.rs

@@ -17,6 +17,7 @@ use codex_protocol::protocol::SessionSource;
 use http::HeaderMap;
 use serde_json::Value;
 use std::sync::Arc;
+use tracing::instrument;
 
 pub struct ResponsesClient<T: HttpTransport, A: AuthProvider> {
     streaming: StreamingClient<T, A>,
@@ -57,6 +58,7 @@ impl<T: HttpTransport, A: AuthProvider> ResponsesClient<T, A> {
         self.stream(request.body, request.headers).await
     }
 
+    #[instrument(skip_all, err)]
     pub async fn stream_prompt(
         &self,
         model: &str,

codex-rs/codex-client/Cargo.toml

@@ -10,6 +10,7 @@ bytes = { workspace = true }
 eventsource-stream = { workspace = true }
 futures = { workspace = true }
 http = { workspace = true }
+opentelemetry = { workspace = true }
 rand = { workspace = true }
 reqwest = { workspace = true, features = ["json", "stream"] }
 serde = { workspace = true, features = ["derive"] }
@@ -17,6 +18,11 @@ serde_json = { workspace = true }
 thiserror = { workspace = true }
 tokio = { workspace = true, features = ["macros", "rt", "time", "sync"] }
 tracing = { workspace = true }
+tracing-opentelemetry = { workspace = true }
 
 [lints]
 workspace = true
+
+[dev-dependencies]
+opentelemetry_sdk = { workspace = true }
+tracing-subscriber = { workspace = true }

codex-rs/codex-client/src/default_client.rs

@@ -1,4 +1,6 @@
 use http::Error as HttpError;
+use opentelemetry::global;
+use opentelemetry::propagation::Injector;
 use reqwest::IntoUrl;
 use reqwest::Method;
 use reqwest::Response;
@@ -9,6 +11,8 @@ use serde::Serialize;
 use std::collections::HashMap;
 use std::fmt::Display;
 use std::time::Duration;
+use tracing::Span;
+use tracing_opentelemetry::OpenTelemetrySpanExt;
 
 #[derive(Clone, Debug)]
 pub struct CodexHttpClient {
@@ -101,7 +105,9 @@ impl CodexRequestBuilder {
     }
 
     pub async fn send(self) -> Result<Response, reqwest::Error> {
-        match self.builder.send().await {
+        let headers = trace_headers();
+
+        match self.builder.headers(headers).send().await {
             Ok(response) => {
                 let request_ids = Self::extract_request_ids(&response);
                 tracing::debug!(
@@ -141,3 +147,79 @@ impl CodexRequestBuilder {
             .collect()
     }
 }
+
+struct HeaderMapInjector<'a>(&'a mut HeaderMap);
+
+impl<'a> Injector for HeaderMapInjector<'a> {
+    fn set(&mut self, key: &str, value: String) {
+        if let (Ok(name), Ok(val)) = (
+            HeaderName::from_bytes(key.as_bytes()),
+            HeaderValue::from_str(&value),
+        ) {
+            self.0.insert(name, val);
+        }
+    }
+}
+
+fn trace_headers() -> HeaderMap {
+    let mut headers = HeaderMap::new();
+    global::get_text_map_propagator(|prop| {
+        prop.inject_context(
+            &Span::current().context(),
+            &mut HeaderMapInjector(&mut headers),
+        );
+    });
+    headers
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use opentelemetry::propagation::Extractor;
+    use opentelemetry::propagation::TextMapPropagator;
+    use opentelemetry::trace::TraceContextExt;
+    use opentelemetry::trace::TracerProvider;
+    use opentelemetry_sdk::propagation::TraceContextPropagator;
+    use opentelemetry_sdk::trace::SdkTracerProvider;
+    use tracing::info_span;
+    use tracing_subscriber::layer::SubscriberExt;
+    use tracing_subscriber::util::SubscriberInitExt;
+
+    #[test]
+    fn inject_trace_headers_uses_current_span_context() {
+        global::set_text_map_propagator(TraceContextPropagator::new());
+
+        let provider = SdkTracerProvider::builder().build();
+        let tracer = provider.tracer("test-tracer");
+        let subscriber =
+            tracing_subscriber::registry().with(tracing_opentelemetry::layer().with_tracer(tracer));
+        let _guard = subscriber.set_default();
+
+        let span = info_span!("client_request");
+        let _entered = span.enter();
+        let span_context = span.context().span().span_context().clone();
+
+        let headers = trace_headers();
+
+        let extractor = HeaderMapExtractor(&headers);
+        let extracted = TraceContextPropagator::new().extract(&extractor);
+        let extracted_span = extracted.span();
+        let extracted_context = extracted_span.span_context();
+
+        assert!(extracted_context.is_valid());
+        assert_eq!(extracted_context.trace_id(), span_context.trace_id());
+        assert_eq!(extracted_context.span_id(), span_context.span_id());
+    }
+
+    struct HeaderMapExtractor<'a>(&'a HeaderMap);
+
+    impl<'a> Extractor for HeaderMapExtractor<'a> {
+        fn get(&self, key: &str) -> Option<&str> {
+            self.0.get(key).and_then(|value| value.to_str().ok())
+        }
+
+        fn keys(&self) -> Vec<&str> {
+            self.0.keys().map(HeaderName::as_str).collect()
+        }
+    }
+}

codex-rs/core/Cargo.toml

@@ -28,7 +28,7 @@ codex-execpolicy = { workspace = true }
 codex-file-search = { workspace = true }
 codex-git = { workspace = true }
 codex-keyring-store = { workspace = true }
-codex-otel = { workspace = true, features = ["otel"] }
+codex-otel = { workspace = true }
 codex-protocol = { workspace = true }
 codex-rmcp-client = { workspace = true }
 codex-utils-absolute-path = { workspace = true }
@@ -132,6 +132,7 @@ pretty_assertions = { workspace = true }
 serial_test = { workspace = true }
 tempfile = { workspace = true }
 tokio-test = { workspace = true }
+tracing-subscriber = { workspace = true }
 tracing-test = { workspace = true, features = ["no-env-filter"] }
 walkdir = { workspace = true }
 wiremock = { workspace = true }

codex-rs/core/src/auth.rs

@@ -64,6 +64,7 @@ const REFRESH_TOKEN_UNKNOWN_MESSAGE: &str =
 const REFRESH_TOKEN_URL: &str = "https://auth.openai.com/oauth/token";
 pub const REFRESH_TOKEN_URL_OVERRIDE_ENV_VAR: &str = "CODEX_REFRESH_TOKEN_URL_OVERRIDE";
 
+#[cfg(any(test, feature = "test-support"))]
 static TEST_AUTH_TEMP_DIRS: Lazy<Mutex<Vec<TempDir>>> = Lazy::new(|| Mutex::new(Vec::new()));
 
 #[derive(Debug, Error)]
@@ -1111,6 +1112,18 @@ impl AuthManager {
         })
     }
 
+    #[cfg(any(test, feature = "test-support"))]
+    /// Create an AuthManager with a specific CodexAuth and codex home, for testing only.
+    pub fn from_auth_for_testing_with_home(auth: CodexAuth, codex_home: PathBuf) -> Arc<Self> {
+        let cached = CachedAuth { auth: Some(auth) };
+        Arc::new(Self {
+            codex_home,
+            inner: RwLock::new(cached),
+            enable_codex_api_key_env: false,
+            auth_credentials_store_mode: AuthCredentialsStoreMode::File,
+        })
+    }
+
     /// Current cached auth (clone). May be `None` if not logged in or load failed.
     pub fn auth(&self) -> Option<CodexAuth> {
         self.inner.read().ok().and_then(|c| c.auth.clone())

codex-rs/core/src/client.rs

@@ -18,7 +18,7 @@ use codex_api::common::Reasoning;
 use codex_api::create_text_param_for_request;
 use codex_api::error::ApiError;
 use codex_app_server_protocol::AuthMode;
-use codex_otel::otel_event_manager::OtelEventManager;
+use codex_otel::otel_manager::OtelManager;
 use codex_protocol::ConversationId;
 use codex_protocol::config_types::ReasoningSummary as ReasoningSummaryConfig;
 use codex_protocol::models::ResponseItem;
@@ -57,7 +57,7 @@ pub struct ModelClient {
     config: Arc<Config>,
     auth_manager: Option<Arc<AuthManager>>,
     model_family: ModelFamily,
-    otel_event_manager: OtelEventManager,
+    otel_manager: OtelManager,
     provider: ModelProviderInfo,
     conversation_id: ConversationId,
     effort: Option<ReasoningEffortConfig>,
@@ -71,7 +71,7 @@ impl ModelClient {
         config: Arc<Config>,
         auth_manager: Option<Arc<AuthManager>>,
         model_family: ModelFamily,
-        otel_event_manager: OtelEventManager,
+        otel_manager: OtelManager,
         provider: ModelProviderInfo,
         effort: Option<ReasoningEffortConfig>,
         summary: ReasoningSummaryConfig,
@@ -82,7 +82,7 @@ impl ModelClient {
             config,
             auth_manager,
             model_family,
-            otel_event_manager,
+            otel_manager,
             provider,
             conversation_id,
             effort,
@@ -121,12 +121,12 @@ impl ModelClient {
                 if self.config.show_raw_agent_reasoning {
                     Ok(map_response_stream(
                         api_stream.streaming_mode(),
-                        self.otel_event_manager.clone(),
+                        self.otel_manager.clone(),
                     ))
                 } else {
                     Ok(map_response_stream(
                         api_stream.aggregate(),
-                        self.otel_event_manager.clone(),
+                        self.otel_manager.clone(),
                     ))
                 }
             }
@@ -195,7 +195,7 @@ impl ModelClient {
             warn!(path, "Streaming from fixture");
             let stream = codex_api::stream_from_fixture(path, self.provider.stream_idle_timeout())
                 .map_err(map_api_error)?;
-            return Ok(map_response_stream(stream, self.otel_event_manager.clone()));
+            return Ok(map_response_stream(stream, self.otel_manager.clone()));
         }
 
         let auth_manager = self.auth_manager.clone();
@@ -269,7 +269,7 @@ impl ModelClient {
 
             match stream_result {
                 Ok(stream) => {
-                    return Ok(map_response_stream(stream, self.otel_event_manager.clone()));
+                    return Ok(map_response_stream(stream, self.otel_manager.clone()));
                 }
                 Err(ApiError::Transport(TransportError::Http { status, .. }))
                     if status == StatusCode::UNAUTHORIZED =>
@@ -286,8 +286,8 @@ impl ModelClient {
         self.provider.clone()
     }
 
-    pub fn get_otel_event_manager(&self) -> OtelEventManager {
-        self.otel_event_manager.clone()
+    pub fn get_otel_manager(&self) -> OtelManager {
+        self.otel_manager.clone()
     }
 
     pub fn get_session_source(&self) -> SessionSource {
@@ -371,7 +371,7 @@ impl ModelClient {
 impl ModelClient {
     /// Builds request and SSE telemetry for streaming API calls (Chat/Responses).
     fn build_streaming_telemetry(&self) -> (Arc<dyn RequestTelemetry>, Arc<dyn SseTelemetry>) {
-        let telemetry = Arc::new(ApiTelemetry::new(self.otel_event_manager.clone()));
+        let telemetry = Arc::new(ApiTelemetry::new(self.otel_manager.clone()));
         let request_telemetry: Arc<dyn RequestTelemetry> = telemetry.clone();
         let sse_telemetry: Arc<dyn SseTelemetry> = telemetry;
         (request_telemetry, sse_telemetry)
@@ -379,7 +379,7 @@ impl ModelClient {
 
     /// Builds request telemetry for unary API calls (e.g., Compact endpoint).
     fn build_request_telemetry(&self) -> Arc<dyn RequestTelemetry> {
-        let telemetry = Arc::new(ApiTelemetry::new(self.otel_event_manager.clone()));
+        let telemetry = Arc::new(ApiTelemetry::new(self.otel_manager.clone()));
         let request_telemetry: Arc<dyn RequestTelemetry> = telemetry;
         request_telemetry
     }
@@ -396,7 +396,7 @@ fn build_api_prompt(prompt: &Prompt, instructions: String, tools_json: Vec<Value
     }
 }
 
-fn map_response_stream<S>(api_stream: S, otel_event_manager: OtelEventManager) -> ResponseStream
+fn map_response_stream<S>(api_stream: S, otel_manager: OtelManager) -> ResponseStream
 where
     S: futures::Stream<Item = std::result::Result<ResponseEvent, ApiError>>
         + Unpin
@@ -404,7 +404,6 @@ where
         + 'static,
 {
     let (tx_event, rx_event) = mpsc::channel::<Result<ResponseEvent>>(1600);
-    let manager = otel_event_manager;
 
     tokio::spawn(async move {
         let mut logged_error = false;
@@ -416,7 +415,7 @@ where
                     token_usage,
                 }) => {
                     if let Some(usage) = &token_usage {
-                        manager.sse_event_completed(
+                        otel_manager.sse_event_completed(
                             usage.input_tokens,
                             usage.output_tokens,
                             Some(usage.cached_input_tokens),
@@ -443,7 +442,7 @@ where
                 Err(err) => {
                     let mapped = map_api_error(err);
                     if !logged_error {
-                        manager.see_event_completed_failed(&mapped);
+                        otel_manager.see_event_completed_failed(&mapped);
                         logged_error = true;
                     }
                     if tx_event.send(Err(mapped)).await.is_err() {
@@ -497,12 +496,12 @@ fn map_unauthorized_status(status: StatusCode) -> CodexErr {
 }
 
 struct ApiTelemetry {
-    otel_event_manager: OtelEventManager,
+    otel_manager: OtelManager,
 }
 
 impl ApiTelemetry {
-    fn new(otel_event_manager: OtelEventManager) -> Self {
-        Self { otel_event_manager }
+    fn new(otel_manager: OtelManager) -> Self {
+        Self { otel_manager }
     }
 }
 
@@ -515,7 +514,7 @@ impl RequestTelemetry for ApiTelemetry {
         duration: Duration,
     ) {
         let error_message = error.map(std::string::ToString::to_string);
-        self.otel_event_manager.record_api_request(
+        self.otel_manager.record_api_request(
             attempt,
             status.map(|s| s.as_u16()),
             error_message.as_deref(),
@@ -533,6 +532,6 @@ impl SseTelemetry for ApiTelemetry {
         >,
         duration: Duration,
     ) {
-        self.otel_event_manager.log_sse_event(result, duration);
+        self.otel_manager.log_sse_event(result, duration);
     }
 }

codex-rs/core/src/codex.rs

@@ -61,9 +61,13 @@ use tokio::sync::Mutex;
 use tokio::sync::RwLock;
 use tokio::sync::oneshot;
 use tokio_util::sync::CancellationToken;
+use tracing::Instrument;
 use tracing::debug;
 use tracing::error;
+use tracing::field;
 use tracing::info;
+use tracing::info_span;
+use tracing::instrument;
 use tracing::warn;
 
 use crate::ModelProviderInfo;
@@ -73,6 +77,7 @@ use crate::client_common::Prompt;
 use crate::client_common::ResponseEvent;
 use crate::compact::collect_user_messages;
 use crate::config::Config;
+use crate::config::GhostSnapshotConfig;
 use crate::config::types::ShellEnvironmentPolicy;
 use crate::context_manager::ContextManager;
 use crate::environment_context::EnvironmentContext;
@@ -102,8 +107,7 @@ use crate::protocol::ReviewDecision;
 use crate::protocol::SandboxPolicy;
 use crate::protocol::SessionConfiguredEvent;
 use crate::protocol::SkillErrorInfo;
-use crate::protocol::SkillInfo;
-use crate::protocol::SkillLoadOutcomeInfo;
+use crate::protocol::SkillMetadata as ProtocolSkillMetadata;
 use crate::protocol::StreamErrorEvent;
 use crate::protocol::Submission;
 use crate::protocol::TokenCountEvent;
@@ -116,10 +120,11 @@ use crate::rollout::RolloutRecorderParams;
 use crate::rollout::map_session_init_error;
 use crate::shell;
 use crate::shell_snapshot::ShellSnapshot;
+use crate::skills::SkillError;
 use crate::skills::SkillInjections;
-use crate::skills::SkillLoadOutcome;
+use crate::skills::SkillMetadata;
+use crate::skills::SkillsManager;
 use crate::skills::build_skill_injections;
-use crate::skills::load_skills;
 use crate::state::ActiveTurn;
 use crate::state::SessionServices;
 use crate::state::SessionState;
@@ -141,7 +146,7 @@ use crate::user_notification::UserNotification;
 use crate::util::backoff;
 use codex_async_utils::OrCancelExt;
 use codex_execpolicy::Policy as ExecPolicy;
-use codex_otel::otel_event_manager::OtelEventManager;
+use codex_otel::otel_manager::OtelManager;
 use codex_protocol::config_types::ReasoningSummary as ReasoningSummaryConfig;
 use codex_protocol::models::ContentItem;
 use codex_protocol::models::ResponseInputItem;
@@ -203,6 +208,7 @@ impl Codex {
         config: Config,
         auth_manager: Arc<AuthManager>,
         models_manager: Arc<ModelsManager>,
+        skills_manager: Arc<SkillsManager>,
         conversation_history: InitialHistory,
         session_source: SessionSource,
     ) -> CodexResult<CodexSpawnOk> {
@@ -210,7 +216,7 @@ impl Codex {
         let (tx_event, rx_event) = async_channel::unbounded();
 
         let loaded_skills = if config.features.enabled(Feature::Skills) {
-            Some(load_skills(&config))
+            Some(skills_manager.skills_for_cwd(&config.cwd))
         } else {
             None
         };
@@ -225,11 +231,9 @@ impl Codex {
             }
         }
 
-        let skills_outcome = loaded_skills.clone();
-
         let user_instructions = get_user_instructions(
             &config,
-            skills_outcome
+            loaded_skills
                 .as_ref()
                 .map(|outcome| outcome.skills.as_slice()),
         )
@@ -275,7 +279,7 @@ impl Codex {
             tx_event.clone(),
             conversation_history,
             session_source_clone,
-            skills_outcome.clone(),
+            skills_manager,
         )
         .await
         .map_err(|e| {
@@ -361,6 +365,7 @@ pub(crate) struct TurnContext {
     pub(crate) sandbox_policy: SandboxPolicy,
     pub(crate) shell_environment_policy: ShellEnvironmentPolicy,
     pub(crate) tools_config: ToolsConfig,
+    pub(crate) ghost_snapshot: GhostSnapshotConfig,
     pub(crate) final_output_json_schema: Option<Value>,
     pub(crate) codex_linux_sandbox_exe: Option<PathBuf>,
     pub(crate) tool_call_gate: Arc<ReadinessFlag>,
@@ -479,7 +484,7 @@ impl Session {
     #[allow(clippy::too_many_arguments)]
     fn make_turn_context(
         auth_manager: Option<Arc<AuthManager>>,
-        otel_event_manager: &OtelEventManager,
+        otel_manager: &OtelManager,
         provider: ModelProviderInfo,
         session_configuration: &SessionConfiguration,
         per_turn_config: Config,
@@ -487,7 +492,7 @@ impl Session {
         conversation_id: ConversationId,
         sub_id: String,
     ) -> TurnContext {
-        let otel_event_manager = otel_event_manager.clone().with_model(
+        let otel_manager = otel_manager.clone().with_model(
             session_configuration.model.as_str(),
             model_family.get_model_slug(),
         );
@@ -497,7 +502,7 @@ impl Session {
             per_turn_config.clone(),
             auth_manager,
             model_family.clone(),
-            otel_event_manager,
+            otel_manager,
             provider,
             session_configuration.model_reasoning_effort,
             session_configuration.model_reasoning_summary,
@@ -522,6 +527,7 @@ impl Session {
             sandbox_policy: session_configuration.sandbox_policy.clone(),
             shell_environment_policy: per_turn_config.shell_environment_policy.clone(),
             tools_config,
+            ghost_snapshot: per_turn_config.ghost_snapshot.clone(),
             final_output_json_schema: None,
             codex_linux_sandbox_exe: per_turn_config.codex_linux_sandbox_exe.clone(),
             tool_call_gate: Arc::new(ReadinessFlag::new()),
@@ -542,7 +548,7 @@ impl Session {
         tx_event: Sender<Event>,
         initial_history: InitialHistory,
         session_source: SessionSource,
-        skills: Option<SkillLoadOutcome>,
+        skills_manager: Arc<SkillsManager>,
     ) -> anyhow::Result<Arc<Self>> {
         debug!(
             "Configuring session: model={}; provider={:?}",
@@ -616,7 +622,7 @@ impl Session {
         maybe_push_chat_wire_api_deprecation(&config, &mut post_session_configured_events);
 
         // todo(aibrahim): why are we passing model here while it can change?
-        let otel_event_manager = OtelEventManager::new(
+        let otel_manager = OtelManager::new(
             conversation_id,
             session_configuration.model.as_str(),
             session_configuration.model.as_str(),
@@ -625,9 +631,10 @@ impl Session {
             auth_manager.auth().map(|a| a.mode),
             config.otel.log_user_prompt,
             terminal::user_agent(),
+            session_configuration.session_source.clone(),
         );
 
-        otel_event_manager.conversation_starts(
+        otel_manager.conversation_starts(
             config.model_provider.name.as_str(),
             config.model_reasoning_effort,
             config.model_reasoning_summary,
@@ -658,10 +665,10 @@ impl Session {
             user_shell: Arc::new(default_shell),
             show_raw_agent_reasoning: config.show_raw_agent_reasoning,
             auth_manager: Arc::clone(&auth_manager),
-            otel_event_manager,
+            otel_manager,
             models_manager: Arc::clone(&models_manager),
             tool_approvals: Mutex::new(ApprovalStore::default()),
-            skills: skills.clone(),
+            skills_manager,
         };
 
         let sess = Arc::new(Session {
@@ -677,8 +684,6 @@ impl Session {
         // Dispatch the SessionConfiguredEvent first and then report any errors.
         // If resuming, include converted initial messages in the payload so UIs can render them immediately.
         let initial_messages = initial_history.get_event_msgs();
-        let skill_load_outcome = skill_load_outcome_for_client(skills.as_ref());
-
         let events = std::iter::once(Event {
             id: INITIAL_SUBMIT_ID.to_owned(),
             msg: EventMsg::SessionConfigured(SessionConfiguredEvent {
@@ -692,7 +697,6 @@ impl Session {
                 history_log_id,
                 history_entry_count,
                 initial_messages,
-                skill_load_outcome,
                 rollout_path,
             }),
         })
@@ -787,15 +791,15 @@ impl Session {
                             "resuming session with different model: previous={prev}, current={curr}"
                         );
                         self.send_event(
-                                &turn_context,
-                                EventMsg::Warning(WarningEvent {
-                                    message: format!(
-                                        "This session was recorded with model `{prev}` but is resuming with `{curr}`. \
+                            &turn_context,
+                            EventMsg::Warning(WarningEvent {
+                                message: format!(
+                                    "This session was recorded with model `{prev}` but is resuming with `{curr}`. \
                          Consider switching back to `{prev}` as it may affect Codex performance."
-                                    ),
-                                }),
-                            )
-                                .await;
+                                ),
+                            }),
+                        )
+                            .await;
                     }
                 }
 
@@ -868,7 +872,7 @@ impl Session {
             .await;
         let mut turn_context: TurnContext = Self::make_turn_context(
             Some(Arc::clone(&self.services.auth_manager)),
-            &self.services.otel_event_manager,
+            &self.services.otel_manager,
             session_configuration.provider.clone(),
             &session_configuration,
             per_turn_config,
@@ -1580,6 +1584,9 @@ async fn submission_loop(sess: Arc<Session>, config: Arc<Config>, rx_sub: Receiv
             Op::ListCustomPrompts => {
                 handlers::list_custom_prompts(&sess, sub.id.clone()).await;
             }
+            Op::ListSkills { cwds } => {
+                handlers::list_skills(&sess, sub.id.clone(), cwds).await;
+            }
             Op::Undo => {
                 handlers::undo(&sess, sub.id.clone()).await;
             }
@@ -1624,6 +1631,7 @@ mod handlers {
 
     use crate::codex::spawn_review_thread;
     use crate::config::Config;
+    use crate::features::Feature;
     use crate::mcp::auth::compute_auth_statuses;
     use crate::mcp::collect_mcp_snapshot_from_manager;
     use crate::review_prompts::resolve_review_request;
@@ -1637,9 +1645,11 @@ mod handlers {
     use codex_protocol::protocol::Event;
     use codex_protocol::protocol::EventMsg;
     use codex_protocol::protocol::ListCustomPromptsResponseEvent;
+    use codex_protocol::protocol::ListSkillsResponseEvent;
     use codex_protocol::protocol::Op;
     use codex_protocol::protocol::ReviewDecision;
     use codex_protocol::protocol::ReviewRequest;
+    use codex_protocol::protocol::SkillsListEntry;
     use codex_protocol::protocol::TurnAbortReason;
     use codex_protocol::protocol::WarningEvent;
 
@@ -1647,6 +1657,7 @@ mod handlers {
     use codex_rmcp_client::ElicitationAction;
     use codex_rmcp_client::ElicitationResponse;
     use mcp_types::RequestId;
+    use std::path::PathBuf;
     use std::sync::Arc;
     use tracing::info;
     use tracing::warn;
@@ -1694,7 +1705,7 @@ mod handlers {
         let current_context = sess.new_turn_with_sub_id(sub_id, updates).await;
         current_context
             .client
-            .get_otel_event_manager()
+            .get_otel_manager()
             .user_prompt(&items);
 
         // Attempt to inject input into current task
@@ -1874,6 +1885,43 @@ mod handlers {
         sess.send_event_raw(event).await;
     }
 
+    pub async fn list_skills(sess: &Session, sub_id: String, cwds: Vec<PathBuf>) {
+        let cwds = if cwds.is_empty() {
+            let state = sess.state.lock().await;
+            vec![state.session_configuration.cwd.clone()]
+        } else {
+            cwds
+        };
+        let skills = if sess.enabled(Feature::Skills) {
+            let skills_manager = &sess.services.skills_manager;
+            cwds.into_iter()
+                .map(|cwd| {
+                    let outcome = skills_manager.skills_for_cwd(&cwd);
+                    let errors = super::errors_to_info(&outcome.errors);
+                    let skills = super::skills_to_info(&outcome.skills);
+                    SkillsListEntry {
+                        cwd,
+                        skills,
+                        errors,
+                    }
+                })
+                .collect()
+        } else {
+            cwds.into_iter()
+                .map(|cwd| SkillsListEntry {
+                    cwd,
+                    skills: Vec::new(),
+                    errors: Vec::new(),
+                })
+                .collect()
+        };
+        let event = Event {
+            id: sub_id,
+            msg: EventMsg::ListSkillsResponse(ListSkillsResponseEvent { skills }),
+        };
+        sess.send_event_raw(event).await;
+    }
+
     pub async fn undo(sess: &Arc<Session>, sub_id: String) {
         let turn_context = sess
             .new_turn_with_sub_id(sub_id, SessionSettingsUpdate::default())
@@ -2003,20 +2051,17 @@ async fn spawn_review_thread(
     per_turn_config.model_reasoning_summary = ReasoningSummaryConfig::Detailed;
     per_turn_config.features = review_features.clone();
 
-    let otel_event_manager = parent_turn_context
-        .client
-        .get_otel_event_manager()
-        .with_model(
-            config.review_model.as_str(),
-            review_model_family.slug.as_str(),
-        );
+    let otel_manager = parent_turn_context.client.get_otel_manager().with_model(
+        config.review_model.as_str(),
+        review_model_family.slug.as_str(),
+    );
 
     let per_turn_config = Arc::new(per_turn_config);
     let client = ModelClient::new(
         per_turn_config.clone(),
         auth_manager,
         model_family.clone(),
-        otel_event_manager,
+        otel_manager,
         provider,
         per_turn_config.model_reasoning_effort,
         per_turn_config.model_reasoning_summary,
@@ -2028,6 +2073,7 @@ async fn spawn_review_thread(
         sub_id: sub_id.to_string(),
         client,
         tools_config,
+        ghost_snapshot: parent_turn_context.ghost_snapshot.clone(),
         developer_instructions: None,
         user_instructions: None,
         base_instructions: Some(base_instructions.clone()),
@@ -2059,28 +2105,26 @@ async fn spawn_review_thread(
         .await;
 }
 
-fn skill_load_outcome_for_client(
-    outcome: Option<&SkillLoadOutcome>,
-) -> Option<SkillLoadOutcomeInfo> {
-    outcome.map(|outcome| SkillLoadOutcomeInfo {
-        skills: outcome
-            .skills
-            .iter()
-            .map(|skill| SkillInfo {
-                name: skill.name.clone(),
-                description: skill.description.clone(),
-                path: skill.path.clone(),
-            })
-            .collect(),
-        errors: outcome
-            .errors
-            .iter()
-            .map(|err| SkillErrorInfo {
-                path: err.path.clone(),
-                message: err.message.clone(),
-            })
-            .collect(),
-    })
+fn skills_to_info(skills: &[SkillMetadata]) -> Vec<ProtocolSkillMetadata> {
+    skills
+        .iter()
+        .map(|skill| ProtocolSkillMetadata {
+            name: skill.name.clone(),
+            description: skill.description.clone(),
+            path: skill.path.clone(),
+            scope: skill.scope,
+        })
+        .collect()
+}
+
+fn errors_to_info(errors: &[SkillError]) -> Vec<SkillErrorInfo> {
+    errors
+        .iter()
+        .map(|err| SkillErrorInfo {
+            path: err.path.clone(),
+            message: err.message.clone(),
+        })
+        .collect()
 }
 
 /// Takes a user message as input and runs a loop where, at each turn, the model
@@ -2111,10 +2155,20 @@ pub(crate) async fn run_task(
     });
     sess.send_event(&turn_context, event).await;
 
+    let skills_outcome = if sess.enabled(Feature::Skills) {
+        Some(
+            sess.services
+                .skills_manager
+                .skills_for_cwd(&turn_context.cwd),
+        )
+    } else {
+        None
+    };
+
     let SkillInjections {
         items: skill_items,
         warnings: skill_warnings,
-    } = build_skill_injections(&input, sess.services.skills.as_ref()).await;
+    } = build_skill_injections(&input, skills_outcome.as_ref()).await;
 
     for message in skill_warnings {
         sess.send_event(&turn_context, EventMsg::Warning(WarningEvent { message }))
@@ -2238,6 +2292,14 @@ pub(crate) async fn run_task(
     last_agent_message
 }
 
+#[instrument(
+    skip_all,
+    fields(
+        turn_id = %turn_context.sub_id,
+        model = %turn_context.client.get_model(),
+        cwd = %turn_context.cwd.display()
+    )
+)]
 async fn run_turn(
     sess: Arc<Session>,
     turn_context: Arc<TurnContext>,
@@ -2370,6 +2432,13 @@ async fn drain_in_flight(
 }
 
 #[allow(clippy::too_many_arguments)]
+#[instrument(
+    skip_all,
+    fields(
+        turn_id = %turn_context.sub_id,
+        model = %turn_context.client.get_model()
+    )
+)]
 async fn try_run_turn(
     router: Arc<ToolRouter>,
     sess: Arc<Session>,
@@ -2392,6 +2461,7 @@ async fn try_run_turn(
         .client
         .clone()
         .stream(prompt)
+        .instrument(info_span!("stream_request"))
         .or_cancel(&cancellation_token)
         .await??;
 
@@ -2406,8 +2476,23 @@ async fn try_run_turn(
     let mut needs_follow_up = false;
     let mut last_agent_message: Option<String> = None;
     let mut active_item: Option<TurnItem> = None;
+    let mut should_emit_turn_diff = false;
+    let receiving_span = info_span!("receiving_stream");
     let outcome: CodexResult<TurnRunResult> = loop {
-        let event = match stream.next().or_cancel(&cancellation_token).await {
+        let handle_responses = info_span!(
+            parent: &receiving_span,
+            "handle_responses",
+            otel.name = field::Empty,
+            tool_name = field::Empty,
+            from = field::Empty,
+        );
+
+        let event = match stream
+            .next()
+            .instrument(info_span!(parent: &handle_responses, "receiving"))
+            .or_cancel(&cancellation_token)
+            .await
+        {
             Ok(event) => event,
             Err(codex_async_utils::CancelErr::Cancelled) => break Err(CodexErr::TurnAborted),
         };
@@ -2422,6 +2507,10 @@ async fn try_run_turn(
             }
         };
 
+        sess.services
+            .otel_manager
+            .record_responses(&handle_responses, &event);
+
         match event {
             ResponseEvent::Created => {}
             ResponseEvent::OutputItemDone(item) => {
@@ -2433,8 +2522,9 @@ async fn try_run_turn(
                     cancellation_token: cancellation_token.child_token(),
                 };
 
-                let output_result =
-                    handle_output_item_done(&mut ctx, item, previously_active_item).await?;
+                let output_result = handle_output_item_done(&mut ctx, item, previously_active_item)
+                    .instrument(handle_responses)
+                    .await?;
                 if let Some(tool_future) = output_result.tool_future {
                     in_flight.push_back(tool_future);
                 }
@@ -2462,14 +2552,7 @@ async fn try_run_turn(
             } => {
                 sess.update_token_usage_info(&turn_context, token_usage.as_ref())
                     .await;
-                let unified_diff = {
-                    let mut tracker = turn_diff_tracker.lock().await;
-                    tracker.get_unified_diff()
-                };
-                if let Ok(Some(unified_diff)) = unified_diff {
-                    let msg = EventMsg::TurnDiff(TurnDiffEvent { unified_diff });
-                    sess.send_event(&turn_context, msg).await;
-                }
+                should_emit_turn_diff = true;
 
                 break Ok(TurnRunResult {
                     needs_follow_up,
@@ -2543,7 +2626,18 @@ async fn try_run_turn(
         }
     };
 
-    drain_in_flight(&mut in_flight, sess, turn_context).await?;
+    drain_in_flight(&mut in_flight, sess.clone(), turn_context.clone()).await?;
+
+    if should_emit_turn_diff {
+        let unified_diff = {
+            let mut tracker = turn_diff_tracker.lock().await;
+            tracker.get_unified_diff()
+        };
+        if let Ok(Some(unified_diff)) = unified_diff {
+            let msg = EventMsg::TurnDiff(TurnDiffEvent { unified_diff });
+            sess.clone().send_event(&turn_context, msg).await;
+        }
+    }
 
     outcome
 }
@@ -2913,12 +3007,13 @@ mod tests {
         })
     }
 
-    fn otel_event_manager(
+    fn otel_manager(
         conversation_id: ConversationId,
         config: &Config,
         model_family: &ModelFamily,
-    ) -> OtelEventManager {
-        OtelEventManager::new(
+        session_source: SessionSource,
+    ) -> OtelManager {
+        OtelManager::new(
             conversation_id,
             ModelsManager::get_model_offline(config.model.as_deref()).as_str(),
             model_family.slug.as_str(),
@@ -2927,6 +3022,7 @@ mod tests {
             Some(AuthMode::ChatGPT),
             false,
             "test".to_string(),
+            session_source,
         )
     }
 
@@ -2966,10 +3062,15 @@ mod tests {
             session_configuration.model.as_str(),
             &per_turn_config,
         );
-        let otel_event_manager =
-            otel_event_manager(conversation_id, config.as_ref(), &model_family);
+        let otel_manager = otel_manager(
+            conversation_id,
+            config.as_ref(),
+            &model_family,
+            session_configuration.session_source.clone(),
+        );
 
         let state = SessionState::new(session_configuration.clone());
+        let skills_manager = Arc::new(SkillsManager::new(config.codex_home.clone()));
 
         let services = SessionServices {
             mcp_connection_manager: Arc::new(RwLock::new(McpConnectionManager::default())),
@@ -2980,15 +3081,15 @@ mod tests {
             user_shell: Arc::new(default_user_shell()),
             show_raw_agent_reasoning: config.show_raw_agent_reasoning,
             auth_manager: auth_manager.clone(),
-            otel_event_manager: otel_event_manager.clone(),
+            otel_manager: otel_manager.clone(),
             models_manager,
             tool_approvals: Mutex::new(ApprovalStore::default()),
-            skills: None,
+            skills_manager,
         };
 
         let turn_context = Session::make_turn_context(
             Some(Arc::clone(&auth_manager)),
-            &otel_event_manager,
+            &otel_manager,
             session_configuration.provider.clone(),
             &session_configuration,
             per_turn_config,
@@ -3052,10 +3153,15 @@ mod tests {
             session_configuration.model.as_str(),
             &per_turn_config,
         );
-        let otel_event_manager =
-            otel_event_manager(conversation_id, config.as_ref(), &model_family);
+        let otel_manager = otel_manager(
+            conversation_id,
+            config.as_ref(),
+            &model_family,
+            session_configuration.session_source.clone(),
+        );
 
         let state = SessionState::new(session_configuration.clone());
+        let skills_manager = Arc::new(SkillsManager::new(config.codex_home.clone()));
 
         let services = SessionServices {
             mcp_connection_manager: Arc::new(RwLock::new(McpConnectionManager::default())),
@@ -3066,15 +3172,15 @@ mod tests {
             user_shell: Arc::new(default_user_shell()),
             show_raw_agent_reasoning: config.show_raw_agent_reasoning,
             auth_manager: Arc::clone(&auth_manager),
-            otel_event_manager: otel_event_manager.clone(),
+            otel_manager: otel_manager.clone(),
             models_manager,
             tool_approvals: Mutex::new(ApprovalStore::default()),
-            skills: None,
+            skills_manager,
         };
 
         let turn_context = Arc::new(Session::make_turn_context(
             Some(Arc::clone(&auth_manager)),
-            &otel_event_manager,
+            &otel_manager,
             session_configuration.provider.clone(),
             &session_configuration,
             per_turn_config,

codex-rs/core/src/codex_delegate.rs

@@ -49,6 +49,7 @@ pub(crate) async fn run_codex_conversation_interactive(
         config,
         auth_manager,
         models_manager,
+        Arc::clone(&parent_session.services.skills_manager),
         initial_history.unwrap_or(InitialHistory::New),
         SessionSource::SubAgent(SubAgentSource::Review),
     )

codex-rs/core/src/config/mod.rs

@@ -37,9 +37,9 @@ use codex_protocol::config_types::Verbosity;
 use codex_protocol::openai_models::ReasoningEffort;
 use codex_protocol::openai_models::ReasoningSummaryFormat;
 use codex_rmcp_client::OAuthCredentialsStoreMode;
+use codex_utils_absolute_path::AbsolutePathBuf;
 use codex_utils_absolute_path::AbsolutePathBufGuard;
 use dirs::home_dir;
-use dunce::canonicalize;
 use serde::Deserialize;
 use similar::DiffableStr;
 use std::collections::BTreeMap;
@@ -64,6 +64,8 @@ pub use service::ConfigServiceError;
 
 const OPENAI_DEFAULT_REVIEW_MODEL: &str = "gpt-5.1-codex-max";
 
+pub use codex_git::GhostSnapshotConfig;
+
 /// Maximum number of bytes of the documentation that will be embedded. Larger
 /// files are *silently truncated* to this size so we do not take up too much of
 /// the context window.
@@ -266,6 +268,9 @@ pub struct Config {
     /// https://github.com/modelcontextprotocol/rust-sdk
     pub use_experimental_use_rmcp_client: bool,
 
+    /// Settings for ghost snapshots (used for undo).
+    pub ghost_snapshot: GhostSnapshotConfig,
+
     /// Centralized feature flags; source of truth for feature gating.
     pub features: Features,
 
@@ -658,6 +663,10 @@ pub struct ConfigToml {
     #[serde(default)]
     pub features: Option<FeaturesToml>,
 
+    /// Settings for ghost snapshots (used for undo).
+    #[serde(default)]
+    pub ghost_snapshot: Option<GhostSnapshotToml>,
+
     /// When `true`, checks for Codex updates on startup and surfaces update prompts.
     /// Set to `false` only if your Codex updates are centrally managed.
     /// Defaults to `true`.
@@ -747,6 +756,17 @@ impl From<ToolsToml> for Tools {
     }
 }
 
+#[derive(Deserialize, Debug, Clone, Default, PartialEq, Eq)]
+pub struct GhostSnapshotToml {
+    /// Exclude untracked files larger than this many bytes from ghost snapshots.
+    #[serde(alias = "ignore_untracked_files_over_bytes")]
+    pub ignore_large_untracked_files: Option<i64>,
+    /// Ignore untracked directories that contain this many files or more.
+    /// (Still emits a warning.)
+    #[serde(alias = "large_untracked_dir_warning_threshold")]
+    pub ignore_large_untracked_dirs: Option<i64>,
+}
+
 #[derive(Debug, PartialEq, Eq)]
 pub struct SandboxPolicyResolution {
     pub policy: SandboxPolicy,
@@ -982,13 +1002,10 @@ impl Config {
                 }
             }
         };
-        let additional_writable_roots: Vec<PathBuf> = additional_writable_roots
+        let additional_writable_roots: Vec<AbsolutePathBuf> = additional_writable_roots
             .into_iter()
-            .map(|path| {
-                let absolute = resolve_path(&resolved_cwd, &path);
-                canonicalize(&absolute).unwrap_or(absolute)
-            })
-            .collect();
+            .map(|path| AbsolutePathBuf::resolve_path_against_base(path, &resolved_cwd))
+            .collect::<Result<Vec<_>, _>>()?;
         let active_project = cfg
             .get_active_project(&resolved_cwd)
             .unwrap_or(ProjectConfig { trust_level: None });
@@ -1050,6 +1067,26 @@ impl Config {
 
         let history = cfg.history.unwrap_or_default();
 
+        let ghost_snapshot = {
+            let mut config = GhostSnapshotConfig::default();
+            if let Some(ghost_snapshot) = cfg.ghost_snapshot.as_ref()
+                && let Some(ignore_over_bytes) = ghost_snapshot.ignore_large_untracked_files
+            {
+                config.ignore_large_untracked_files = if ignore_over_bytes > 0 {
+                    Some(ignore_over_bytes)
+                } else {
+                    None
+                };
+            }
+            if let Some(ghost_snapshot) = cfg.ghost_snapshot.as_ref()
+                && let Some(threshold) = ghost_snapshot.ignore_large_untracked_dirs
+            {
+                config.ignore_large_untracked_dirs =
+                    if threshold > 0 { Some(threshold) } else { None };
+            }
+            config
+        };
+
         let include_apply_patch_tool_flag = features.enabled(Feature::ApplyPatchFreeform);
         let tools_web_search_request = features.enabled(Feature::WebSearchRequest);
         let use_experimental_unified_exec_tool = features.enabled(Feature::UnifiedExec);
@@ -1182,6 +1219,7 @@ impl Config {
             tools_web_search_request,
             use_experimental_unified_exec_tool,
             use_experimental_use_rmcp_client,
+            ghost_snapshot,
             features,
             active_profile: active_profile_name,
             active_project,
@@ -1203,10 +1241,12 @@ impl Config {
                     .environment
                     .unwrap_or(DEFAULT_OTEL_ENVIRONMENT.to_string());
                 let exporter = t.exporter.unwrap_or(OtelExporterKind::None);
+                let trace_exporter = t.trace_exporter.unwrap_or_else(|| exporter.clone());
                 OtelConfig {
                     log_user_prompt,
                     environment,
                     exporter,
+                    trace_exporter,
                 }
             },
         };
@@ -1318,6 +1358,7 @@ mod tests {
     use crate::features::Feature;
 
     use super::*;
+    use core_test_support::test_absolute_path;
     use pretty_assertions::assert_eq;
 
     use std::time::Duration;
@@ -1416,18 +1457,22 @@ network_access = true  # This should be ignored.
             }
         );
 
-        let sandbox_workspace_write = r#"
+        let writable_root = test_absolute_path("/my/workspace");
+        let sandbox_workspace_write = format!(
+            r#"
 sandbox_mode = "workspace-write"
 
 [sandbox_workspace_write]
 writable_roots = [
-    "/my/workspace",
+    {},
 ]
 exclude_tmpdir_env_var = true
 exclude_slash_tmp = true
-"#;
+"#,
+            serde_json::json!(writable_root)
+        );
 
-        let sandbox_workspace_write_cfg = toml::from_str::<ConfigToml>(sandbox_workspace_write)
+        let sandbox_workspace_write_cfg = toml::from_str::<ConfigToml>(&sandbox_workspace_write)
             .expect("TOML deserialization should succeed");
         let sandbox_mode_override = None;
         let resolution = sandbox_workspace_write_cfg.derive_sandbox_policy(
@@ -1448,7 +1493,7 @@ exclude_slash_tmp = true
                 resolution,
                 SandboxPolicyResolution {
                     policy: SandboxPolicy::WorkspaceWrite {
-                        writable_roots: vec![PathBuf::from("/my/workspace")],
+                        writable_roots: vec![writable_root.clone()],
                         network_access: false,
                         exclude_tmpdir_env_var: true,
                         exclude_slash_tmp: true,
@@ -1458,21 +1503,24 @@ exclude_slash_tmp = true
             );
         }
 
-        let sandbox_workspace_write = r#"
+        let sandbox_workspace_write = format!(
+            r#"
 sandbox_mode = "workspace-write"
 
 [sandbox_workspace_write]
 writable_roots = [
-    "/my/workspace",
+    {},
 ]
 exclude_tmpdir_env_var = true
 exclude_slash_tmp = true
 
 [projects."/tmp/test"]
 trust_level = "trusted"
-"#;
+"#,
+            serde_json::json!(writable_root)
+        );
 
-        let sandbox_workspace_write_cfg = toml::from_str::<ConfigToml>(sandbox_workspace_write)
+        let sandbox_workspace_write_cfg = toml::from_str::<ConfigToml>(&sandbox_workspace_write)
             .expect("TOML deserialization should succeed");
         let sandbox_mode_override = None;
         let resolution = sandbox_workspace_write_cfg.derive_sandbox_policy(
@@ -1493,7 +1541,7 @@ trust_level = "trusted"
                 resolution,
                 SandboxPolicyResolution {
                     policy: SandboxPolicy::WorkspaceWrite {
-                        writable_roots: vec![PathBuf::from("/my/workspace")],
+                        writable_roots: vec![writable_root],
                         network_access: false,
                         exclude_tmpdir_env_var: true,
                         exclude_slash_tmp: true,
@@ -1525,7 +1573,7 @@ trust_level = "trusted"
             temp_dir.path().to_path_buf(),
         )?;
 
-        let expected_backend = canonicalize(&backend).expect("canonicalize backend directory");
+        let expected_backend = AbsolutePathBuf::try_from(backend).unwrap();
         if cfg!(target_os = "windows") {
             assert!(
                 config.forced_auto_mode_downgraded_on_windows,
@@ -2933,6 +2981,7 @@ model_verbosity = "high"
                 tools_web_search_request: false,
                 use_experimental_unified_exec_tool: false,
                 use_experimental_use_rmcp_client: false,
+                ghost_snapshot: GhostSnapshotConfig::default(),
                 features: Features::with_defaults(),
                 active_profile: Some("o3".to_string()),
                 active_project: ProjectConfig { trust_level: None },
@@ -3007,6 +3056,7 @@ model_verbosity = "high"
             tools_web_search_request: false,
             use_experimental_unified_exec_tool: false,
             use_experimental_use_rmcp_client: false,
+            ghost_snapshot: GhostSnapshotConfig::default(),
             features: Features::with_defaults(),
             active_profile: Some("gpt3".to_string()),
             active_project: ProjectConfig { trust_level: None },
@@ -3096,6 +3146,7 @@ model_verbosity = "high"
             tools_web_search_request: false,
             use_experimental_unified_exec_tool: false,
             use_experimental_use_rmcp_client: false,
+            ghost_snapshot: GhostSnapshotConfig::default(),
             features: Features::with_defaults(),
             active_profile: Some("zdr".to_string()),
             active_project: ProjectConfig { trust_level: None },
@@ -3171,6 +3222,7 @@ model_verbosity = "high"
             tools_web_search_request: false,
             use_experimental_unified_exec_tool: false,
             use_experimental_use_rmcp_client: false,
+            ghost_snapshot: GhostSnapshotConfig::default(),
             features: Features::with_defaults(),
             active_profile: Some("gpt5".to_string()),
             active_project: ProjectConfig { trust_level: None },

codex-rs/core/src/config/types.rs

@@ -323,8 +323,11 @@ pub struct OtelConfigToml {
     /// Mark traces with environment (dev, staging, prod, test). Defaults to dev.
     pub environment: Option<String>,
 
-    /// Exporter to use. Defaults to `otlp-file`.
+    /// Optional log exporter
     pub exporter: Option<OtelExporterKind>,
+
+    /// Optional trace exporter
+    pub trace_exporter: Option<OtelExporterKind>,
 }
 
 /// Effective OTEL settings after defaults are applied.
@@ -333,6 +336,7 @@ pub struct OtelConfig {
     pub log_user_prompt: bool,
     pub environment: String,
     pub exporter: OtelExporterKind,
+    pub trace_exporter: OtelExporterKind,
 }
 
 impl Default for OtelConfig {
@@ -341,6 +345,7 @@ impl Default for OtelConfig {
             log_user_prompt: false,
             environment: DEFAULT_OTEL_ENVIRONMENT.to_owned(),
             exporter: OtelExporterKind::None,
+            trace_exporter: OtelExporterKind::None,
         }
     }
 }
@@ -410,7 +415,7 @@ impl Notice {
 #[derive(Deserialize, Debug, Clone, PartialEq, Default)]
 pub struct SandboxWorkspaceWrite {
     #[serde(default)]
-    pub writable_roots: Vec<PathBuf>,
+    pub writable_roots: Vec<AbsolutePathBuf>,
     #[serde(default)]
     pub network_access: bool,
     #[serde(default)]

codex-rs/core/src/context_manager/history_tests.rs

@@ -699,11 +699,8 @@ fn normalize_mixed_inserts_and_removals() {
     );
 }
 
-// In debug builds we panic on normalization errors instead of silently fixing them.
-#[cfg(debug_assertions)]
 #[test]
-#[should_panic]
-fn normalize_adds_missing_output_for_function_call_panics_in_debug() {
+fn normalize_adds_missing_output_for_function_call_inserts_output() {
     let items = vec![ResponseItem::FunctionCall {
         id: None,
         name: "do_it".to_string(),
@@ -712,6 +709,24 @@ fn normalize_adds_missing_output_for_function_call_panics_in_debug() {
     }];
     let mut h = create_history_with_items(items);
     h.normalize_history();
+    assert_eq!(
+        h.contents(),
+        vec![
+            ResponseItem::FunctionCall {
+                id: None,
+                name: "do_it".to_string(),
+                arguments: "{}".to_string(),
+                call_id: "call-x".to_string(),
+            },
+            ResponseItem::FunctionCallOutput {
+                call_id: "call-x".to_string(),
+                output: FunctionCallOutputPayload {
+                    content: "aborted".to_string(),
+                    ..Default::default()
+                },
+            },
+        ]
+    );
 }
 
 #[cfg(debug_assertions)]

codex-rs/core/src/context_manager/normalize.rs

@@ -4,6 +4,7 @@ use codex_protocol::models::FunctionCallOutputPayload;
 use codex_protocol::models::ResponseItem;
 
 use crate::util::error_or_panic;
+use tracing::info;
 
 pub(crate) fn ensure_call_outputs_present(items: &mut Vec<ResponseItem>) {
     // Collect synthetic outputs to insert immediately after their calls.
@@ -22,9 +23,7 @@ pub(crate) fn ensure_call_outputs_present(items: &mut Vec<ResponseItem>) {
                 });
 
                 if !has_output {
-                    error_or_panic(format!(
-                        "Function call output is missing for call id: {call_id}"
-                    ));
+                    info!("Function call output is missing for call id: {call_id}");
                     missing_outputs_to_insert.push((
                         idx,
                         ResponseItem::FunctionCallOutput {

codex-rs/core/src/conversation_manager.rs

@@ -1,4 +1,5 @@
 use crate::AuthManager;
+#[cfg(any(test, feature = "test-support"))]
 use crate::CodexAuth;
 #[cfg(any(test, feature = "test-support"))]
 use crate::ModelProviderInfo;
@@ -14,6 +15,7 @@ use crate::protocol::Event;
 use crate::protocol::EventMsg;
 use crate::protocol::SessionConfiguredEvent;
 use crate::rollout::RolloutRecorder;
+use crate::skills::SkillsManager;
 use codex_protocol::ConversationId;
 use codex_protocol::items::TurnItem;
 use codex_protocol::models::ResponseItem;
@@ -24,6 +26,8 @@ use codex_protocol::protocol::SessionSource;
 use std::collections::HashMap;
 use std::path::PathBuf;
 use std::sync::Arc;
+#[cfg(any(test, feature = "test-support"))]
+use tempfile::TempDir;
 use tokio::sync::RwLock;
 
 /// Represents a newly created Codex conversation, including the first event
@@ -40,16 +44,23 @@ pub struct ConversationManager {
     conversations: Arc<RwLock<HashMap<ConversationId, Arc<CodexConversation>>>>,
     auth_manager: Arc<AuthManager>,
     models_manager: Arc<ModelsManager>,
+    skills_manager: Arc<SkillsManager>,
     session_source: SessionSource,
+    #[cfg(any(test, feature = "test-support"))]
+    _test_codex_home_guard: Option<TempDir>,
 }
 
 impl ConversationManager {
     pub fn new(auth_manager: Arc<AuthManager>, session_source: SessionSource) -> Self {
+        let skills_manager = Arc::new(SkillsManager::new(auth_manager.codex_home().to_path_buf()));
         Self {
             conversations: Arc::new(RwLock::new(HashMap::new())),
             auth_manager: auth_manager.clone(),
             session_source,
             models_manager: Arc::new(ModelsManager::new(auth_manager)),
+            skills_manager,
+            #[cfg(any(test, feature = "test-support"))]
+            _test_codex_home_guard: None,
         }
     }
 
@@ -57,12 +68,30 @@ impl ConversationManager {
     /// Construct with a dummy AuthManager containing the provided CodexAuth.
     /// Used for integration tests: should not be used by ordinary business logic.
     pub fn with_models_provider(auth: CodexAuth, provider: ModelProviderInfo) -> Self {
-        let auth_manager = crate::AuthManager::from_auth_for_testing(auth);
+        let temp_dir = tempfile::tempdir().unwrap_or_else(|err| panic!("temp codex home: {err}"));
+        let codex_home = temp_dir.path().to_path_buf();
+        let mut manager = Self::with_models_provider_and_home(auth, provider, codex_home);
+        manager._test_codex_home_guard = Some(temp_dir);
+        manager
+    }
+
+    #[cfg(any(test, feature = "test-support"))]
+    /// Construct with a dummy AuthManager containing the provided CodexAuth and codex home.
+    /// Used for integration tests: should not be used by ordinary business logic.
+    pub fn with_models_provider_and_home(
+        auth: CodexAuth,
+        provider: ModelProviderInfo,
+        codex_home: PathBuf,
+    ) -> Self {
+        let auth_manager = crate::AuthManager::from_auth_for_testing_with_home(auth, codex_home);
+        let skills_manager = Arc::new(SkillsManager::new(auth_manager.codex_home().to_path_buf()));
         Self {
             conversations: Arc::new(RwLock::new(HashMap::new())),
             auth_manager: auth_manager.clone(),
             session_source: SessionSource::Exec,
             models_manager: Arc::new(ModelsManager::with_provider(auth_manager, provider)),
+            skills_manager,
+            _test_codex_home_guard: None,
         }
     }
 
@@ -70,6 +99,10 @@ impl ConversationManager {
         self.session_source.clone()
     }
 
+    pub fn skills_manager(&self) -> Arc<SkillsManager> {
+        self.skills_manager.clone()
+    }
+
     pub async fn new_conversation(&self, config: Config) -> CodexResult<NewConversation> {
         self.spawn_conversation(
             config,
@@ -92,6 +125,7 @@ impl ConversationManager {
             config,
             auth_manager,
             models_manager,
+            self.skills_manager.clone(),
             InitialHistory::New,
             self.session_source.clone(),
         )
@@ -169,6 +203,7 @@ impl ConversationManager {
             config,
             auth_manager,
             self.models_manager.clone(),
+            self.skills_manager.clone(),
             initial_history,
             self.session_source.clone(),
         )
@@ -210,6 +245,7 @@ impl ConversationManager {
             config,
             auth_manager,
             self.models_manager.clone(),
+            self.skills_manager.clone(),
             history,
             self.session_source.clone(),
         )

codex-rs/core/src/default_client.rs

@@ -1,12 +1,11 @@
 use crate::spawn::CODEX_SANDBOX_ENV_VAR;
+use codex_client::CodexHttpClient;
+pub use codex_client::CodexRequestBuilder;
 use reqwest::header::HeaderValue;
 use std::sync::LazyLock;
 use std::sync::Mutex;
 use std::sync::OnceLock;
 
-use codex_client::CodexHttpClient;
-pub use codex_client::CodexRequestBuilder;
-
 /// Set this to add a suffix to the User-Agent string.
 ///
 /// It is not ideal that we're using a global singleton for this.

codex-rs/core/src/environment_context.rs

@@ -1,3 +1,4 @@
+use codex_utils_absolute_path::AbsolutePathBuf;
 use serde::Deserialize;
 use serde::Serialize;
 use strum_macros::Display as DeriveDisplay;
@@ -27,7 +28,7 @@ pub(crate) struct EnvironmentContext {
     pub approval_policy: Option<AskForApproval>,
     pub sandbox_mode: Option<SandboxMode>,
     pub network_access: Option<NetworkAccess>,
-    pub writable_roots: Option<Vec<PathBuf>>,
+    pub writable_roots: Option<Vec<AbsolutePathBuf>>,
     pub shell: Shell,
 }
 
@@ -191,6 +192,8 @@ mod tests {
     use crate::shell::ShellType;
 
     use super::*;
+    use core_test_support::test_path_buf;
+    use core_test_support::test_tmp_path_buf;
     use pretty_assertions::assert_eq;
 
     fn fake_shell() -> Shell {
@@ -203,7 +206,10 @@ mod tests {
 
     fn workspace_write_policy(writable_roots: Vec<&str>, network_access: bool) -> SandboxPolicy {
         SandboxPolicy::WorkspaceWrite {
-            writable_roots: writable_roots.into_iter().map(PathBuf::from).collect(),
+            writable_roots: writable_roots
+                .into_iter()
+                .map(|s| AbsolutePathBuf::try_from(s).unwrap())
+                .collect(),
             network_access,
             exclude_tmpdir_env_var: false,
             exclude_slash_tmp: false,
@@ -212,24 +218,37 @@ mod tests {
 
     #[test]
     fn serialize_workspace_write_environment_context() {
+        let cwd = test_path_buf("/repo");
+        let writable_root = test_tmp_path_buf();
+        let cwd_str = cwd.to_str().expect("cwd is valid utf-8");
+        let writable_root_str = writable_root
+            .to_str()
+            .expect("writable root is valid utf-8");
         let context = EnvironmentContext::new(
-            Some(PathBuf::from("/repo")),
+            Some(cwd.clone()),
             Some(AskForApproval::OnRequest),
-            Some(workspace_write_policy(vec!["/repo", "/tmp"], false)),
+            Some(workspace_write_policy(
+                vec![cwd_str, writable_root_str],
+                false,
+            )),
             fake_shell(),
         );
 
-        let expected = r#"<environment_context>
-  <cwd>/repo</cwd>
+        let expected = format!(
+            r#"<environment_context>
+  <cwd>{cwd}</cwd>
   <approval_policy>on-request</approval_policy>
   <sandbox_mode>workspace-write</sandbox_mode>
   <network_access>restricted</network_access>
   <writable_roots>
-    <root>/repo</root>
-    <root>/tmp</root>
+    <root>{cwd}</root>
+    <root>{writable_root}</root>
   </writable_roots>
   <shell>bash</shell>
-</environment_context>"#;
+</environment_context>"#,
+            cwd = cwd.display(),
+            writable_root = writable_root.display(),
+        );
 
         assert_eq!(context.serialize_to_xml(), expected);
     }

codex-rs/core/src/features.rs

@@ -325,13 +325,13 @@ pub const FEATURES: &[FeatureSpec] = &[
     },
     FeatureSpec {
         id: Feature::WindowsSandbox,
-        key: "enable_experimental_windows_sandbox",
+        key: "experimental_windows_sandbox",
         stage: Stage::Experimental,
         default_enabled: false,
     },
     FeatureSpec {
         id: Feature::WindowsSandboxElevated,
-        key: "enable_elevated_windows_sandbox",
+        key: "elevated_windows_sandbox",
         stage: Stage::Experimental,
         default_enabled: false,
     },

codex-rs/core/src/features/legacy.rs

@@ -9,6 +9,10 @@ struct Alias {
 }
 
 const ALIASES: &[Alias] = &[
+    Alias {
+        legacy_key: "enable_experimental_windows_sandbox",
+        feature: Feature::WindowsSandbox,
+    },
     Alias {
         legacy_key: "experimental_use_unified_exec_tool",
         feature: Feature::UnifiedExec,

codex-rs/core/src/lib.rs

@@ -80,6 +80,7 @@ pub mod spawn;
 pub mod terminal;
 mod tools;
 pub mod turn_diff_tracker;
+pub mod version;
 pub use rollout::ARCHIVED_SESSIONS_SUBDIR;
 pub use rollout::INTERACTIVE_SESSION_SOURCES;
 pub use rollout::RolloutRecorder;
@@ -94,6 +95,7 @@ pub use rollout::list::read_head_for_summary;
 mod function_tool;
 mod state;
 mod tasks;
+pub mod update_action;
 mod user_notification;
 mod user_shell_command;
 pub mod util;

codex-rs/core/src/mcp_connection_manager.rs

@@ -58,6 +58,7 @@ use tokio::sync::Mutex;
 use tokio::sync::oneshot;
 use tokio::task::JoinSet;
 use tokio_util::sync::CancellationToken;
+use tracing::instrument;
 use tracing::warn;
 
 use crate::codex::INITIAL_SUBMIT_ID;
@@ -397,6 +398,7 @@ impl McpConnectionManager {
 
     /// Returns a single map that contains all tools. Each key is the
     /// fully-qualified name for the tool.
+    #[instrument(skip_all)]
     pub async fn list_all_tools(&self) -> HashMap<String, ToolInfo> {
         let mut tools = HashMap::new();
         for managed_client in self.clients.values() {

codex-rs/core/src/otel_init.rs

@@ -16,7 +16,7 @@ pub fn build_provider(
     config: &Config,
     service_version: &str,
 ) -> Result<Option<OtelProvider>, Box<dyn Error>> {
-    let exporter = match &config.otel.exporter {
+    let to_otel_exporter = |kind: &Kind| match kind {
         Kind::None => OtelExporter::None,
         Kind::OtlpHttp {
             endpoint,
@@ -61,12 +61,16 @@ pub fn build_provider(
         },
     };
 
+    let exporter = to_otel_exporter(&config.otel.exporter);
+    let trace_exporter = to_otel_exporter(&config.otel.trace_exporter);
+
     OtelProvider::from(&OtelSettings {
         service_name: originator().value.to_owned(),
         service_version: service_version.to_string(),
         codex_home: config.codex_home.clone(),
         environment: config.otel.environment.to_string(),
         exporter,
+        trace_exporter,
     })
 }
 

codex-rs/core/src/rollout/policy.rs

@@ -79,6 +79,7 @@ pub(crate) fn should_persist_event_msg(ev: &EventMsg) -> bool {
         | EventMsg::McpStartupUpdate(_)
         | EventMsg::McpStartupComplete(_)
         | EventMsg::ListCustomPromptsResponse(_)
+        | EventMsg::ListSkillsResponse(_)
         | EventMsg::PlanUpdate(_)
         | EventMsg::ShutdownComplete
         | EventMsg::ViewImageToolCall(_)

codex-rs/core/src/safety.rs

@@ -210,6 +210,7 @@ fn is_write_patch_constrained_to_writable_paths(
 #[cfg(test)]
 mod tests {
     use super::*;
+    use codex_utils_absolute_path::AbsolutePathBuf;
     use tempfile::TempDir;
 
     #[test]
@@ -250,7 +251,7 @@ mod tests {
         // With the parent dir explicitly added as a writable root, the
         // outside write should be permitted.
         let policy_with_parent = SandboxPolicy::WorkspaceWrite {
-            writable_roots: vec![parent],
+            writable_roots: vec![AbsolutePathBuf::try_from(parent).unwrap()],
             network_access: false,
             exclude_tmpdir_env_var: true,
             exclude_slash_tmp: true,

codex-rs/core/src/sandboxing/mod.rs

@@ -81,7 +81,7 @@ impl SandboxManager {
             SandboxablePreference::Forbid => SandboxType::None,
             SandboxablePreference::Require => {
                 // Require a platform sandbox when available; on Windows this
-                // respects the enable_experimental_windows_sandbox feature.
+                // respects the experimental_windows_sandbox feature.
                 crate::safety::get_platform_sandbox().unwrap_or(SandboxType::None)
             }
             SandboxablePreference::Auto => match policy {

codex-rs/core/src/seatbelt.rs

@@ -63,7 +63,11 @@ pub(crate) fn create_seatbelt_command_args(
 
             for (index, wr) in writable_roots.iter().enumerate() {
                 // Canonicalize to avoid mismatches like /var vs /private/var on macOS.
-                let canonical_root = wr.root.canonicalize().unwrap_or_else(|_| wr.root.clone());
+                let canonical_root = wr
+                    .root
+                    .as_path()
+                    .canonicalize()
+                    .unwrap_or_else(|_| wr.root.to_path_buf());
                 let root_param = format!("WRITABLE_ROOT_{index}");
                 file_write_params.push((root_param.clone(), canonical_root));
 
@@ -75,7 +79,10 @@ pub(crate) fn create_seatbelt_command_args(
                     let mut require_parts: Vec<String> = Vec::new();
                     require_parts.push(format!("(subpath (param \"{root_param}\"))"));
                     for (subpath_index, ro) in wr.read_only_subpaths.iter().enumerate() {
-                        let canonical_ro = ro.canonicalize().unwrap_or_else(|_| ro.clone());
+                        let canonical_ro = ro
+                            .as_path()
+                            .canonicalize()
+                            .unwrap_or_else(|_| ro.to_path_buf());
                         let ro_param = format!("WRITABLE_ROOT_{index}_RO_{subpath_index}");
                         require_parts
                             .push(format!("(require-not (subpath (param \"{ro_param}\")))"));
@@ -182,7 +189,10 @@ mod tests {
         // Build a policy that only includes the two test roots as writable and
         // does not automatically include defaults TMPDIR or /tmp.
         let policy = SandboxPolicy::WorkspaceWrite {
-            writable_roots: vec![root_with_git, root_without_git],
+            writable_roots: vec![root_with_git, root_without_git]
+                .into_iter()
+                .map(|p| p.try_into().unwrap())
+                .collect(),
             network_access: false,
             exclude_tmpdir_env_var: true,
             exclude_slash_tmp: true,

codex-rs/core/src/skills/loader.rs

@@ -3,6 +3,7 @@ use crate::git_info::resolve_root_git_project_for_trust;
 use crate::skills::model::SkillError;
 use crate::skills::model::SkillLoadOutcome;
 use crate::skills::model::SkillMetadata;
+use codex_protocol::protocol::SkillScope;
 use dunce::canonicalize as normalize_path;
 use serde::Deserialize;
 use std::collections::VecDeque;
@@ -53,10 +54,21 @@ impl fmt::Display for SkillParseError {
 impl Error for SkillParseError {}
 
 pub fn load_skills(config: &Config) -> SkillLoadOutcome {
+    load_skills_from_roots(skill_roots(config))
+}
+
+pub(crate) struct SkillRoot {
+    pub(crate) path: PathBuf,
+    pub(crate) scope: SkillScope,
+}
+
+pub(crate) fn load_skills_from_roots<I>(roots: I) -> SkillLoadOutcome
+where
+    I: IntoIterator<Item = SkillRoot>,
+{
     let mut outcome = SkillLoadOutcome::default();
-    let roots = skill_roots(config);
     for root in roots {
-        discover_skills_under_root(&root, &mut outcome);
+        discover_skills_under_root(&root.path, root.scope, &mut outcome);
     }
 
     outcome
@@ -66,21 +78,33 @@ pub fn load_skills(config: &Config) -> SkillLoadOutcome {
     outcome
 }
 
-fn skill_roots(config: &Config) -> Vec<PathBuf> {
-    let mut roots = vec![config.codex_home.join(SKILLS_DIR_NAME)];
+pub(crate) fn user_skills_root(codex_home: &Path) -> SkillRoot {
+    SkillRoot {
+        path: codex_home.join(SKILLS_DIR_NAME),
+        scope: SkillScope::User,
+    }
+}
 
-    if let Some(repo_root) = resolve_root_git_project_for_trust(&config.cwd) {
-        roots.push(
-            repo_root
-                .join(REPO_ROOT_CONFIG_DIR_NAME)
-                .join(SKILLS_DIR_NAME),
-        );
+pub(crate) fn repo_skills_root(cwd: &Path) -> Option<SkillRoot> {
+    resolve_root_git_project_for_trust(cwd).map(|repo_root| SkillRoot {
+        path: repo_root
+            .join(REPO_ROOT_CONFIG_DIR_NAME)
+            .join(SKILLS_DIR_NAME),
+        scope: SkillScope::Repo,
+    })
+}
+
+fn skill_roots(config: &Config) -> Vec<SkillRoot> {
+    let mut roots = vec![user_skills_root(&config.codex_home)];
+
+    if let Some(repo_root) = repo_skills_root(&config.cwd) {
+        roots.push(repo_root);
     }
 
     roots
 }
 
-fn discover_skills_under_root(root: &Path, outcome: &mut SkillLoadOutcome) {
+fn discover_skills_under_root(root: &Path, scope: SkillScope, outcome: &mut SkillLoadOutcome) {
     let Ok(root) = normalize_path(root) else {
         return;
     };
@@ -124,7 +148,7 @@ fn discover_skills_under_root(root: &Path, outcome: &mut SkillLoadOutcome) {
             }
 
             if file_type.is_file() && file_name == SKILLS_FILENAME {
-                match parse_skill_file(&path) {
+                match parse_skill_file(&path, scope) {
                     Ok(skill) => outcome.skills.push(skill),
                     Err(err) => outcome.errors.push(SkillError {
                         path,
@@ -136,7 +160,7 @@ fn discover_skills_under_root(root: &Path, outcome: &mut SkillLoadOutcome) {
     }
 }
 
-fn parse_skill_file(path: &Path) -> Result<SkillMetadata, SkillParseError> {
+fn parse_skill_file(path: &Path, scope: SkillScope) -> Result<SkillMetadata, SkillParseError> {
     let contents = fs::read_to_string(path).map_err(SkillParseError::Read)?;
 
     let frontmatter = extract_frontmatter(&contents).ok_or(SkillParseError::MissingFrontmatter)?;
@@ -156,6 +180,7 @@ fn parse_skill_file(path: &Path) -> Result<SkillMetadata, SkillParseError> {
         name,
         description,
         path: resolved_path,
+        scope,
     })
 }
 

codex-rs/core/src/skills/manager.rs

@@ -0,0 +1,48 @@
+use std::collections::HashMap;
+use std::path::Path;
+use std::path::PathBuf;
+use std::sync::RwLock;
+
+use crate::skills::SkillLoadOutcome;
+use crate::skills::loader::load_skills_from_roots;
+use crate::skills::loader::repo_skills_root;
+use crate::skills::loader::user_skills_root;
+
+pub struct SkillsManager {
+    codex_home: PathBuf,
+    cache_by_cwd: RwLock<HashMap<PathBuf, SkillLoadOutcome>>,
+}
+
+impl SkillsManager {
+    pub fn new(codex_home: PathBuf) -> Self {
+        Self {
+            codex_home,
+            cache_by_cwd: RwLock::new(HashMap::new()),
+        }
+    }
+
+    pub fn skills_for_cwd(&self, cwd: &Path) -> SkillLoadOutcome {
+        let cached = match self.cache_by_cwd.read() {
+            Ok(cache) => cache.get(cwd).cloned(),
+            Err(err) => err.into_inner().get(cwd).cloned(),
+        };
+        if let Some(outcome) = cached {
+            return outcome;
+        }
+
+        let mut roots = vec![user_skills_root(&self.codex_home)];
+        if let Some(repo_root) = repo_skills_root(cwd) {
+            roots.push(repo_root);
+        }
+        let outcome = load_skills_from_roots(roots);
+        match self.cache_by_cwd.write() {
+            Ok(mut cache) => {
+                cache.insert(cwd.to_path_buf(), outcome.clone());
+            }
+            Err(err) => {
+                err.into_inner().insert(cwd.to_path_buf(), outcome.clone());
+            }
+        }
+        outcome
+    }
+}

codex-rs/core/src/skills/mod.rs

@@ -1,11 +1,13 @@
 pub mod injection;
 pub mod loader;
+pub mod manager;
 pub mod model;
 pub mod render;
 
 pub(crate) use injection::SkillInjections;
 pub(crate) use injection::build_skill_injections;
 pub use loader::load_skills;
+pub use manager::SkillsManager;
 pub use model::SkillError;
 pub use model::SkillLoadOutcome;
 pub use model::SkillMetadata;

codex-rs/core/src/skills/model.rs

@@ -1,10 +1,13 @@
 use std::path::PathBuf;
 
+use codex_protocol::protocol::SkillScope;
+
 #[derive(Debug, Clone, PartialEq, Eq)]
 pub struct SkillMetadata {
     pub name: String,
     pub description: String,
     pub path: PathBuf,
+    pub scope: SkillScope,
 }
 
 #[derive(Debug, Clone, PartialEq, Eq)]

codex-rs/core/src/state/service.rs

@@ -4,11 +4,11 @@ use crate::AuthManager;
 use crate::RolloutRecorder;
 use crate::mcp_connection_manager::McpConnectionManager;
 use crate::openai_models::models_manager::ModelsManager;
-use crate::skills::SkillLoadOutcome;
+use crate::skills::SkillsManager;
 use crate::tools::sandboxing::ApprovalStore;
 use crate::unified_exec::UnifiedExecSessionManager;
 use crate::user_notification::UserNotifier;
-use codex_otel::otel_event_manager::OtelEventManager;
+use codex_otel::otel_manager::OtelManager;
 use tokio::sync::Mutex;
 use tokio::sync::RwLock;
 use tokio_util::sync::CancellationToken;
@@ -23,7 +23,7 @@ pub(crate) struct SessionServices {
     pub(crate) show_raw_agent_reasoning: bool,
     pub(crate) auth_manager: Arc<AuthManager>,
     pub(crate) models_manager: Arc<ModelsManager>,
-    pub(crate) otel_event_manager: OtelEventManager,
+    pub(crate) otel_manager: OtelManager,
     pub(crate) tool_approvals: Mutex<ApprovalStore>,
-    pub(crate) skills: Option<SkillLoadOutcome>,
+    pub(crate) skills_manager: Arc<SkillsManager>,
 }

codex-rs/core/src/stream_events_utils.rs

@@ -16,7 +16,9 @@ use codex_protocol::models::FunctionCallOutputPayload;
 use codex_protocol::models::ResponseInputItem;
 use codex_protocol::models::ResponseItem;
 use futures::Future;
+use tracing::Instrument;
 use tracing::debug;
+use tracing::instrument;
 
 /// Handle a completed output item from the model stream, recording it and
 /// queuing any tool execution futures. This records items immediately so
@@ -38,6 +40,7 @@ pub(crate) struct HandleOutputCtx {
     pub cancellation_token: CancellationToken,
 }
 
+#[instrument(skip_all)]
 pub(crate) async fn handle_output_item_done(
     ctx: &mut HandleOutputCtx,
     item: ResponseItem,
@@ -58,12 +61,15 @@ pub(crate) async fn handle_output_item_done(
             let cancellation_token = ctx.cancellation_token.child_token();
             let tool_runtime = ctx.tool_runtime.clone();
 
-            let tool_future: InFlightFuture<'static> = Box::pin(async move {
-                let response_input = tool_runtime
-                    .handle_tool_call(call, cancellation_token)
-                    .await?;
-                Ok(response_input)
-            });
+            let tool_future: InFlightFuture<'static> = Box::pin(
+                async move {
+                    let response_input = tool_runtime
+                        .handle_tool_call(call, cancellation_token)
+                        .await?;
+                    Ok(response_input)
+                }
+                .in_current_span(),
+            );
 
             output.needs_follow_up = true;
             output.tool_future = Some(tool_future);
@@ -94,7 +100,7 @@ pub(crate) async fn handle_output_item_done(
             let msg = "LocalShellCall without call_id or id";
             ctx.turn_context
                 .client
-                .get_otel_event_manager()
+                .get_otel_manager()
                 .log_tool_failed("local_shell", msg);
             tracing::error!(msg);
 

codex-rs/core/src/tasks/ghost_snapshot.rs

@@ -8,8 +8,7 @@ use async_trait::async_trait;
 use codex_git::CreateGhostCommitOptions;
 use codex_git::GhostSnapshotReport;
 use codex_git::GitToolingError;
-use codex_git::capture_ghost_snapshot_report;
-use codex_git::create_ghost_commit;
+use codex_git::create_ghost_commit_with_report;
 use codex_protocol::models::ResponseItem;
 use codex_protocol::user_input::UserInput;
 use codex_utils_readiness::Readiness;
@@ -73,18 +72,23 @@ impl SessionTask for GhostSnapshotTask {
                 _ = cancellation_token.cancelled() => true,
                 _ = async {
                     let repo_path = ctx_for_task.cwd.clone();
-                    // First, compute a snapshot report so we can warn about
-                    // large untracked directories before running the heavier
-                    // snapshot logic.
-                    if let Ok(Ok(report)) = tokio::task::spawn_blocking({
-                        let repo_path = repo_path.clone();
-                        move || {
-                            let options = CreateGhostCommitOptions::new(&repo_path);
-                            capture_ghost_snapshot_report(&options)
-                        }
+                    let ghost_snapshot = ctx_for_task.ghost_snapshot.clone();
+                    let ghost_snapshot_for_commit = ghost_snapshot.clone();
+                    // Required to run in a dedicated blocking pool.
+                    match tokio::task::spawn_blocking(move || {
+                        let options =
+                            CreateGhostCommitOptions::new(&repo_path).ghost_snapshot(ghost_snapshot_for_commit);
+                        create_ghost_commit_with_report(&options)
                     })
                     .await
-                        && let Some(message) = format_large_untracked_warning(&report) {
+                    {
+                        Ok(Ok((ghost_commit, report))) => {
+                            info!("ghost snapshot blocking task finished");
+                            for message in format_snapshot_warnings(
+                                ghost_snapshot.ignore_large_untracked_files,
+                                ghost_snapshot.ignore_large_untracked_dirs,
+                                &report,
+                            ) {
                                 session
                                     .session
                                     .send_event(
@@ -93,16 +97,6 @@ impl SessionTask for GhostSnapshotTask {
                                     )
                                     .await;
                             }
-
-                    // Required to run in a dedicated blocking pool.
-                    match tokio::task::spawn_blocking(move || {
-                        let options = CreateGhostCommitOptions::new(&repo_path);
-                        create_ghost_commit(&options)
-                    })
-                    .await
-                    {
-                        Ok(Ok(ghost_commit)) => {
-                            info!("ghost snapshot blocking task finished");
                             session
                                 .session
                                 .record_conversation_items(&ctx, &[ResponseItem::GhostSnapshot {
@@ -161,10 +155,31 @@ impl GhostSnapshotTask {
     }
 }
 
-fn format_large_untracked_warning(report: &GhostSnapshotReport) -> Option<String> {
+fn format_snapshot_warnings(
+    ignore_large_untracked_files: Option<i64>,
+    ignore_large_untracked_dirs: Option<i64>,
+    report: &GhostSnapshotReport,
+) -> Vec<String> {
+    let mut warnings = Vec::new();
+    if let Some(message) = format_large_untracked_warning(ignore_large_untracked_dirs, report) {
+        warnings.push(message);
+    }
+    if let Some(message) =
+        format_ignored_untracked_files_warning(ignore_large_untracked_files, report)
+    {
+        warnings.push(message);
+    }
+    warnings
+}
+
+fn format_large_untracked_warning(
+    ignore_large_untracked_dirs: Option<i64>,
+    report: &GhostSnapshotReport,
+) -> Option<String> {
     if report.large_untracked_dirs.is_empty() {
         return None;
     }
+    let threshold = ignore_large_untracked_dirs?;
     const MAX_DIRS: usize = 3;
     let mut parts: Vec<String> = Vec::new();
     for dir in report.large_untracked_dirs.iter().take(MAX_DIRS) {
@@ -175,7 +190,85 @@ fn format_large_untracked_warning(report: &GhostSnapshotReport) -> Option<String
         parts.push(format!("{remaining} more"));
     }
     Some(format!(
-        "Repository snapshot encountered large untracked directories: {}. This can slow Codex; consider adding these paths to .gitignore or disabling undo in your config.",
+        "Repository snapshot ignored large untracked directories (>= {threshold} files): {}. These directories are excluded from snapshots and undo cleanup. Adjust `ghost_snapshot.ignore_large_untracked_dirs` to change this behavior.",
         parts.join(", ")
     ))
 }
+
+fn format_ignored_untracked_files_warning(
+    ignore_large_untracked_files: Option<i64>,
+    report: &GhostSnapshotReport,
+) -> Option<String> {
+    let threshold = ignore_large_untracked_files?;
+    if report.ignored_untracked_files.is_empty() {
+        return None;
+    }
+
+    const MAX_FILES: usize = 3;
+    let mut parts: Vec<String> = Vec::new();
+    for file in report.ignored_untracked_files.iter().take(MAX_FILES) {
+        parts.push(format!(
+            "{} ({})",
+            file.path.display(),
+            format_bytes(file.byte_size)
+        ));
+    }
+    if report.ignored_untracked_files.len() > MAX_FILES {
+        let remaining = report.ignored_untracked_files.len() - MAX_FILES;
+        parts.push(format!("{remaining} more"));
+    }
+
+    Some(format!(
+        "Repository snapshot ignored untracked files larger than {}: {}. These files are preserved during undo cleanup, but their contents are not captured in the snapshot. Adjust `ghost_snapshot.ignore_large_untracked_files` to change this behavior. To avoid this message in the future, update your `.gitignore`.",
+        format_bytes(threshold),
+        parts.join(", ")
+    ))
+}
+
+fn format_bytes(bytes: i64) -> String {
+    const KIB: i64 = 1024;
+    const MIB: i64 = 1024 * 1024;
+
+    if bytes >= MIB {
+        return format!("{} MiB", bytes / MIB);
+    }
+    if bytes >= KIB {
+        return format!("{} KiB", bytes / KIB);
+    }
+    format!("{bytes} B")
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use codex_git::LargeUntrackedDir;
+    use pretty_assertions::assert_eq;
+    use std::path::PathBuf;
+
+    #[test]
+    fn large_untracked_warning_includes_threshold() {
+        let report = GhostSnapshotReport {
+            large_untracked_dirs: vec![LargeUntrackedDir {
+                path: PathBuf::from("models"),
+                file_count: 250,
+            }],
+            ignored_untracked_files: Vec::new(),
+        };
+
+        let message = format_large_untracked_warning(Some(200), &report).unwrap();
+        assert!(message.contains(">= 200 files"));
+    }
+
+    #[test]
+    fn large_untracked_warning_disabled_when_threshold_disabled() {
+        let report = GhostSnapshotReport {
+            large_untracked_dirs: vec![LargeUntrackedDir {
+                path: PathBuf::from("models"),
+                file_count: 250,
+            }],
+            ignored_untracked_files: Vec::new(),
+        };
+
+        assert_eq!(format_large_untracked_warning(None, &report), None);
+    }
+}

codex-rs/core/src/tasks/regular.rs

@@ -1,12 +1,13 @@
 use std::sync::Arc;
 
-use async_trait::async_trait;
-use tokio_util::sync::CancellationToken;
-
 use crate::codex::TurnContext;
 use crate::codex::run_task;
 use crate::state::TaskKind;
+use async_trait::async_trait;
 use codex_protocol::user_input::UserInput;
+use tokio_util::sync::CancellationToken;
+use tracing::Instrument;
+use tracing::info_span;
 
 use super::SessionTask;
 use super::SessionTaskContext;
@@ -28,6 +29,10 @@ impl SessionTask for RegularTask {
         cancellation_token: CancellationToken,
     ) -> Option<String> {
         let sess = session.clone_session();
-        run_task(sess, ctx, input, cancellation_token).await
+        let run_task_span =
+            info_span!(parent: sess.services.otel_manager.current_span(), "run_task");
+        run_task(sess, ctx, input, cancellation_token)
+            .instrument(run_task_span)
+            .await
     }
 }

codex-rs/core/src/tasks/undo.rs

@@ -8,7 +8,8 @@ use crate::state::TaskKind;
 use crate::tasks::SessionTask;
 use crate::tasks::SessionTaskContext;
 use async_trait::async_trait;
-use codex_git::restore_ghost_commit;
+use codex_git::RestoreGhostCommitOptions;
+use codex_git::restore_ghost_commit_with_options;
 use codex_protocol::models::ResponseItem;
 use codex_protocol::user_input::UserInput;
 use tokio_util::sync::CancellationToken;
@@ -85,9 +86,12 @@ impl SessionTask for UndoTask {
 
         let commit_id = ghost_commit.id().to_string();
         let repo_path = ctx.cwd.clone();
-        let restore_result =
-            tokio::task::spawn_blocking(move || restore_ghost_commit(&repo_path, &ghost_commit))
-                .await;
+        let ghost_snapshot = ctx.ghost_snapshot.clone();
+        let restore_result = tokio::task::spawn_blocking(move || {
+            let options = RestoreGhostCommitOptions::new(&repo_path).ghost_snapshot(ghost_snapshot);
+            restore_ghost_commit_with_options(&options, &ghost_commit)
+        })
+        .await;
 
         match restore_result {
             Ok(Ok(())) => {

codex-rs/core/src/tools/context.rs

@@ -26,7 +26,7 @@ pub struct ToolInvocation {
     pub payload: ToolPayload,
 }
 
-#[derive(Clone)]
+#[derive(Clone, Debug)]
 pub enum ToolPayload {
     Function {
         arguments: String,

codex-rs/core/src/tools/orchestrator.rs

@@ -42,11 +42,11 @@ impl ToolOrchestrator {
     where
         T: ToolRuntime<Rq, Out>,
     {
-        let otel = turn_ctx.client.get_otel_event_manager();
+        let otel = turn_ctx.client.get_otel_manager();
         let otel_tn = &tool_ctx.tool_name;
         let otel_ci = &tool_ctx.call_id;
-        let otel_user = codex_otel::otel_event_manager::ToolDecisionSource::User;
-        let otel_cfg = codex_otel::otel_event_manager::ToolDecisionSource::Config;
+        let otel_user = codex_otel::otel_manager::ToolDecisionSource::User;
+        let otel_cfg = codex_otel::otel_manager::ToolDecisionSource::Config;
 
         // 1) Approval
         let mut already_approved = false;

codex-rs/core/src/tools/parallel.rs

@@ -5,6 +5,9 @@ use tokio::sync::RwLock;
 use tokio_util::either::Either;
 use tokio_util::sync::CancellationToken;
 use tokio_util::task::AbortOnDropHandle;
+use tracing::Instrument;
+use tracing::info_span;
+use tracing::instrument;
 
 use crate::codex::Session;
 use crate::codex::TurnContext;
@@ -42,6 +45,7 @@ impl ToolCallRuntime {
         }
     }
 
+    #[instrument(skip_all, fields(call = ?call))]
     pub(crate) fn handle_tool_call(
         &self,
         call: ToolCall,
@@ -56,11 +60,20 @@ impl ToolCallRuntime {
         let lock = Arc::clone(&self.parallel_execution);
         let started = Instant::now();
 
+        let dispatch_span = info_span!(
+            "dispatch_tool_call",
+            otel.name = call.tool_name.as_str(),
+            tool_name = call.tool_name.as_str(),
+            call_id = call.call_id.as_str(),
+            aborted = false,
+        );
+
         let handle: AbortOnDropHandle<Result<ResponseInputItem, FunctionCallError>> =
             AbortOnDropHandle::new(tokio::spawn(async move {
                 tokio::select! {
                     _ = cancellation_token.cancelled() => {
                         let secs = started.elapsed().as_secs_f32().max(0.1);
+                        dispatch_span.record("aborted", true);
                         Ok(Self::aborted_response(&call, secs))
                     },
                     res = async {
@@ -72,6 +85,7 @@ impl ToolCallRuntime {
 
                         router
                             .dispatch_tool_call(session, turn, tracker, call.clone())
+                            .instrument(dispatch_span.clone())
                             .await
                     } => res,
                 }
@@ -87,6 +101,7 @@ impl ToolCallRuntime {
                 ))),
             }
         }
+        .in_current_span()
     }
 }
 

codex-rs/core/src/tools/registry.rs

@@ -64,7 +64,7 @@ impl ToolRegistry {
     ) -> Result<ResponseInputItem, FunctionCallError> {
         let tool_name = invocation.tool_name.clone();
         let call_id_owned = invocation.call_id.clone();
-        let otel = invocation.turn.client.get_otel_event_manager();
+        let otel = invocation.turn.client.get_otel_manager();
         let payload_for_response = invocation.payload.clone();
         let log_payload = payload_for_response.log_payload();
 

codex-rs/core/src/tools/router.rs

@@ -1,6 +1,3 @@
-use std::collections::HashMap;
-use std::sync::Arc;
-
 use crate::client_common::tools::ToolSpec;
 use crate::codex::Session;
 use crate::codex::TurnContext;
@@ -17,8 +14,11 @@ use codex_protocol::models::LocalShellAction;
 use codex_protocol::models::ResponseInputItem;
 use codex_protocol::models::ResponseItem;
 use codex_protocol::models::ShellToolCallParams;
+use std::collections::HashMap;
+use std::sync::Arc;
+use tracing::instrument;
 
-#[derive(Clone)]
+#[derive(Clone, Debug)]
 pub struct ToolCall {
     pub tool_name: String,
     pub call_id: String,
@@ -55,6 +55,7 @@ impl ToolRouter {
             .any(|config| config.spec.name() == tool_name)
     }
 
+    #[instrument(skip_all, err)]
     pub async fn build_tool_call(
         session: &Session,
         item: ResponseItem,
@@ -130,6 +131,7 @@ impl ToolRouter {
         }
     }
 
+    #[instrument(skip_all, err)]
     pub async fn dispatch_tool_call(
         &self,
         session: Arc<Session>,

codex-rs/core/src/update_action.rs

@@ -1,4 +1,6 @@
-/// Update action the CLI should perform after the TUI exits.
+#[cfg(any(not(debug_assertions), test))]
+use std::path::Path;
+
 #[derive(Debug, Clone, Copy, PartialEq, Eq)]
 pub enum UpdateAction {
     /// Update via `npm install -g @openai/codex@latest`.
@@ -28,7 +30,7 @@ impl UpdateAction {
 }
 
 #[cfg(not(debug_assertions))]
-pub(crate) fn get_update_action() -> Option<UpdateAction> {
+pub fn get_update_action() -> Option<UpdateAction> {
     let exe = std::env::current_exe().unwrap_or_default();
     let managed_by_npm = std::env::var_os("CODEX_MANAGED_BY_NPM").is_some();
     let managed_by_bun = std::env::var_os("CODEX_MANAGED_BY_BUN").is_some();
@@ -41,10 +43,27 @@ pub(crate) fn get_update_action() -> Option<UpdateAction> {
     )
 }
 
+#[cfg(debug_assertions)]
+pub fn get_update_action() -> Option<UpdateAction> {
+    None
+}
+
+/// Returns the standard update-available message for clients to display.
+pub fn update_available_nudge() -> String {
+    match get_update_action() {
+        Some(action) => {
+            let command = action.command_str();
+            format!("Update available. Run `{command}` to update.")
+        }
+        None => "Update available. See https://github.com/openai/codex for installation options."
+            .to_string(),
+    }
+}
+
 #[cfg(any(not(debug_assertions), test))]
 fn detect_update_action(
     is_macos: bool,
-    current_exe: &std::path::Path,
+    current_exe: &Path,
     managed_by_npm: bool,
     managed_by_bun: bool,
 ) -> Option<UpdateAction> {
@@ -68,33 +87,23 @@ mod tests {
     #[test]
     fn detects_update_action_without_env_mutation() {
         assert_eq!(
-            detect_update_action(false, std::path::Path::new("/any/path"), false, false),
+            detect_update_action(false, Path::new("/any/path"), false, false),
             None
         );
         assert_eq!(
-            detect_update_action(false, std::path::Path::new("/any/path"), true, false),
+            detect_update_action(false, Path::new("/any/path"), true, false),
             Some(UpdateAction::NpmGlobalLatest)
         );
         assert_eq!(
-            detect_update_action(false, std::path::Path::new("/any/path"), false, true),
+            detect_update_action(false, Path::new("/any/path"), false, true),
             Some(UpdateAction::BunGlobalLatest)
         );
         assert_eq!(
-            detect_update_action(
-                true,
-                std::path::Path::new("/opt/homebrew/bin/codex"),
-                false,
-                false
-            ),
+            detect_update_action(true, Path::new("/opt/homebrew/bin/codex"), false, false),
             Some(UpdateAction::BrewUpgrade)
         );
         assert_eq!(
-            detect_update_action(
-                true,
-                std::path::Path::new("/usr/local/bin/codex"),
-                false,
-                false
-            ),
+            detect_update_action(true, Path::new("/usr/local/bin/codex"), false, false),
             Some(UpdateAction::BrewUpgrade)
         );
     }

codex-rs/core/src/version.rs

@@ -0,0 +1,247 @@
+use std::path::Path;
+
+use chrono::DateTime;
+use chrono::Utc;
+use serde::Deserialize;
+use serde::Serialize;
+
+pub const VERSION_FILENAME: &str = "version.json";
+
+#[derive(Serialize, Deserialize, Debug, Clone)]
+pub struct VersionInfo {
+    pub latest_version: String,
+    // ISO-8601 timestamp (RFC3339)
+    pub last_checked_at: DateTime<Utc>,
+    #[serde(default)]
+    pub dismissed_version: Option<String>,
+}
+
+#[derive(Debug, Clone, PartialEq, Eq)]
+pub struct Version {
+    major: u64,
+    minor: u64,
+    patch: u64,
+    pre: Option<Vec<PrereleaseIdent>>,
+}
+
+#[derive(Debug, Clone, PartialEq, Eq)]
+enum PrereleaseIdent {
+    Numeric(u64),
+    Alpha(String),
+}
+
+impl Version {
+    pub fn parse(input: &str) -> Option<Self> {
+        let mut input = input.trim();
+        if let Some(stripped) = input.strip_prefix("rust-v") {
+            input = stripped;
+        }
+        if let Some(stripped) = input.strip_prefix('v') {
+            input = stripped;
+        }
+        let input = input.split('+').next().unwrap_or(input);
+        let mut parts = input.splitn(2, '-');
+        let core = parts.next()?;
+        let pre = parts.next();
+        let mut nums = core.split('.');
+        let major = nums.next()?.parse::<u64>().ok()?;
+        let minor = nums.next()?.parse::<u64>().ok()?;
+        let patch = nums.next()?.parse::<u64>().ok()?;
+        if nums.next().is_some() {
+            return None;
+        }
+        let pre = match pre {
+            None => None,
+            Some("") => None,
+            Some(value) => {
+                let mut idents = Vec::new();
+                for ident in value.split('.') {
+                    if ident.is_empty() {
+                        return None;
+                    }
+                    let parsed = if ident.chars().all(|c| c.is_ascii_digit()) {
+                        ident.parse::<u64>().ok().map(PrereleaseIdent::Numeric)
+                    } else {
+                        Some(PrereleaseIdent::Alpha(ident.to_string()))
+                    };
+                    idents.push(parsed?);
+                }
+                Some(idents)
+            }
+        };
+        Some(Self {
+            major,
+            minor,
+            patch,
+            pre,
+        })
+    }
+}
+
+impl Ord for Version {
+    fn cmp(&self, other: &Self) -> std::cmp::Ordering {
+        match self.major.cmp(&other.major) {
+            std::cmp::Ordering::Equal => {}
+            ordering => return ordering,
+        }
+        match self.minor.cmp(&other.minor) {
+            std::cmp::Ordering::Equal => {}
+            ordering => return ordering,
+        }
+        match self.patch.cmp(&other.patch) {
+            std::cmp::Ordering::Equal => {}
+            ordering => return ordering,
+        }
+        match (&self.pre, &other.pre) {
+            (None, None) => std::cmp::Ordering::Equal,
+            (None, Some(_)) => std::cmp::Ordering::Greater,
+            (Some(_), None) => std::cmp::Ordering::Less,
+            (Some(left), Some(right)) => compare_prerelease_idents(left, right),
+        }
+    }
+}
+
+impl PartialOrd for Version {
+    fn partial_cmp(&self, other: &Self) -> Option<std::cmp::Ordering> {
+        Some(self.cmp(other))
+    }
+}
+
+pub fn is_newer(latest: &str, current: &str) -> Option<bool> {
+    let latest = Version::parse(latest)?;
+    if latest.pre.is_some() {
+        return Some(false);
+    }
+    let current = Version::parse(current)?;
+    let current = Version {
+        pre: None,
+        ..current
+    };
+    Some(latest > current)
+}
+
+pub fn is_up_to_date(latest: &str, current: &str) -> Option<bool> {
+    let latest = Version::parse(latest)?;
+    if latest.pre.is_some() {
+        return Some(true);
+    }
+    let current = Version::parse(current)?;
+    let current = Version {
+        pre: None,
+        ..current
+    };
+    Some(current >= latest)
+}
+
+pub fn read_version_info(version_file: &Path) -> anyhow::Result<VersionInfo> {
+    let contents = std::fs::read_to_string(version_file)?;
+    Ok(serde_json::from_str(&contents)?)
+}
+
+pub fn read_latest_version(version_file: &Path) -> Option<String> {
+    read_version_info(version_file)
+        .ok()
+        .map(|info| info.latest_version)
+}
+
+pub fn extract_version_from_cask(cask_contents: &str) -> anyhow::Result<String> {
+    cask_contents
+        .lines()
+        .find_map(|line| {
+            let line = line.trim();
+            line.strip_prefix("version \"")
+                .and_then(|rest| rest.strip_suffix('"'))
+                .map(ToString::to_string)
+        })
+        .ok_or_else(|| anyhow::anyhow!("Failed to find version in Homebrew cask file"))
+}
+
+pub fn extract_version_from_latest_tag(latest_tag_name: &str) -> anyhow::Result<String> {
+    latest_tag_name
+        .strip_prefix("rust-v")
+        .map(str::to_owned)
+        .ok_or_else(|| anyhow::anyhow!("Failed to parse latest tag name '{latest_tag_name}'"))
+}
+
+fn compare_prerelease_idents(
+    left: &[PrereleaseIdent],
+    right: &[PrereleaseIdent],
+) -> std::cmp::Ordering {
+    for (l, r) in left.iter().zip(right.iter()) {
+        let ordering = match (l, r) {
+            (PrereleaseIdent::Numeric(a), PrereleaseIdent::Numeric(b)) => a.cmp(b),
+            (PrereleaseIdent::Alpha(a), PrereleaseIdent::Alpha(b)) => a.cmp(b),
+            (PrereleaseIdent::Numeric(_), PrereleaseIdent::Alpha(_)) => std::cmp::Ordering::Less,
+            (PrereleaseIdent::Alpha(_), PrereleaseIdent::Numeric(_)) => std::cmp::Ordering::Greater,
+        };
+        if ordering != std::cmp::Ordering::Equal {
+            return ordering;
+        }
+    }
+    left.len().cmp(&right.len())
+}
+
+#[cfg(test)]
+mod tests {
+    use pretty_assertions::assert_eq;
+
+    use super::*;
+
+    #[test]
+    fn prerelease_current_is_ignored() {
+        assert_eq!(is_newer("1.2.3", "1.2.3-alpha.1"), Some(false));
+        assert_eq!(is_up_to_date("1.2.3", "1.2.3-alpha.1"), Some(true));
+    }
+
+    #[test]
+    fn prerelease_latest_is_ignored() {
+        assert_eq!(is_newer("1.2.4-alpha.1", "1.2.3"), Some(false));
+        assert_eq!(is_up_to_date("1.2.4-alpha.1", "1.2.3"), Some(true));
+    }
+
+    #[test]
+    fn prerelease_latest_is_not_considered_newer() {
+        assert_eq!(is_newer("0.11.0-beta.1", "0.11.0"), Some(false));
+        assert_eq!(is_newer("1.0.0-rc.1", "1.0.0"), Some(false));
+    }
+
+    #[test]
+    fn plain_semver_comparisons_work() {
+        assert_eq!(is_newer("0.11.1", "0.11.0"), Some(true));
+        assert_eq!(is_newer("0.11.0", "0.11.1"), Some(false));
+        assert_eq!(is_newer("1.0.0", "0.9.9"), Some(true));
+        assert_eq!(is_newer("0.9.9", "1.0.0"), Some(false));
+    }
+
+    #[test]
+    fn whitespace_is_ignored() {
+        assert_eq!(Version::parse(" 1.2.3 \n").is_some(), true);
+        assert_eq!(is_newer(" 1.2.3 ", "1.2.2"), Some(true));
+    }
+
+    #[test]
+    fn parses_version_from_cask_contents() {
+        let cask = r#"
+            cask "codex" do
+              version "0.55.0"
+            end
+        "#;
+        assert_eq!(
+            extract_version_from_cask(cask).expect("failed to parse version"),
+            "0.55.0"
+        );
+    }
+
+    #[test]
+    fn extracts_version_from_latest_tag() {
+        assert_eq!(
+            extract_version_from_latest_tag("rust-v1.5.0").expect("failed to parse version"),
+            "1.5.0"
+        );
+    }
+
+    #[test]
+    fn latest_tag_without_prefix_is_invalid() {
+        assert!(extract_version_from_latest_tag("v1.5.0").is_err());
+    }
+}

codex-rs/core/tests/chat_completions_payload.rs

@@ -13,9 +13,10 @@ use codex_core::Prompt;
 use codex_core::ResponseItem;
 use codex_core::WireApi;
 use codex_core::openai_models::models_manager::ModelsManager;
-use codex_otel::otel_event_manager::OtelEventManager;
+use codex_otel::otel_manager::OtelManager;
 use codex_protocol::ConversationId;
 use codex_protocol::models::ReasoningItemContent;
+use codex_protocol::protocol::SessionSource;
 use core_test_support::load_default_config_for_test;
 use core_test_support::skip_if_no_network;
 use futures::StreamExt;
@@ -75,7 +76,7 @@ async fn run_request(input: Vec<ResponseItem>) -> Value {
     let conversation_id = ConversationId::new();
     let model = ModelsManager::get_model_offline(config.model.as_deref());
     let model_family = ModelsManager::construct_model_family_offline(model.as_str(), &config);
-    let otel_event_manager = OtelEventManager::new(
+    let otel_manager = OtelManager::new(
         conversation_id,
         model.as_str(),
         model_family.slug.as_str(),
@@ -84,18 +85,19 @@ async fn run_request(input: Vec<ResponseItem>) -> Value {
         Some(AuthMode::ApiKey),
         false,
         "test".to_string(),
+        SessionSource::Exec,
     );
 
     let client = ModelClient::new(
         Arc::clone(&config),
         None,
         model_family,
-        otel_event_manager,
+        otel_manager,
         provider,
         effort,
         summary,
         conversation_id,
-        codex_protocol::protocol::SessionSource::Exec,
+        SessionSource::Exec,
     );
 
     let mut prompt = Prompt::default();

codex-rs/core/tests/chat_completions_sse.rs

@@ -12,9 +12,10 @@ use codex_core::ResponseEvent;
 use codex_core::ResponseItem;
 use codex_core::WireApi;
 use codex_core::openai_models::models_manager::ModelsManager;
-use codex_otel::otel_event_manager::OtelEventManager;
+use codex_otel::otel_manager::OtelManager;
 use codex_protocol::ConversationId;
 use codex_protocol::models::ReasoningItemContent;
+use codex_protocol::protocol::SessionSource;
 use core_test_support::load_default_config_for_test;
 use core_test_support::skip_if_no_network;
 use futures::StreamExt;
@@ -76,7 +77,7 @@ async fn run_stream_with_bytes(sse_body: &[u8]) -> Vec<ResponseEvent> {
     let auth_mode = auth_manager.get_auth_mode();
     let model = ModelsManager::get_model_offline(config.model.as_deref());
     let model_family = ModelsManager::construct_model_family_offline(model.as_str(), &config);
-    let otel_event_manager = OtelEventManager::new(
+    let otel_manager = OtelManager::new(
         conversation_id,
         model.as_str(),
         model_family.slug.as_str(),
@@ -85,18 +86,19 @@ async fn run_stream_with_bytes(sse_body: &[u8]) -> Vec<ResponseEvent> {
         auth_mode,
         false,
         "test".to_string(),
+        SessionSource::Exec,
     );
 
     let client = ModelClient::new(
         Arc::clone(&config),
         None,
         model_family,
-        otel_event_manager,
+        otel_manager,
         provider,
         effort,
         summary,
         conversation_id,
-        codex_protocol::protocol::SessionSource::Exec,
+        SessionSource::Exec,
     );
 
     let mut prompt = Prompt::default();

codex-rs/core/tests/common/Cargo.toml

@@ -13,6 +13,7 @@ assert_cmd = { workspace = true }
 base64 = { workspace = true }
 codex-core = { workspace = true, features = ["test-support"] }
 codex-protocol = { workspace = true }
+codex-utils-absolute-path = { workspace = true }
 notify = { workspace = true }
 regex-lite = { workspace = true }
 serde_json = { workspace = true }

codex-rs/core/tests/common/lib.rs

@@ -6,7 +6,9 @@ use codex_core::CodexConversation;
 use codex_core::config::Config;
 use codex_core::config::ConfigOverrides;
 use codex_core::config::ConfigToml;
+use codex_utils_absolute_path::AbsolutePathBuf;
 use regex_lite::Regex;
+use std::path::PathBuf;
 
 #[cfg(target_os = "linux")]
 use assert_cmd::cargo::cargo_bin;
@@ -25,6 +27,49 @@ pub fn assert_regex_match<'s>(pattern: &str, actual: &'s str) -> regex_lite::Cap
         .unwrap_or_else(|| panic!("regex {pattern:?} did not match {actual:?}"))
 }
 
+pub fn test_path_buf_with_windows(unix_path: &str, windows_path: Option<&str>) -> PathBuf {
+    if cfg!(windows) {
+        if let Some(windows) = windows_path {
+            PathBuf::from(windows)
+        } else {
+            let mut path = PathBuf::from(r"C:\");
+            path.extend(
+                unix_path
+                    .trim_start_matches('/')
+                    .split('/')
+                    .filter(|segment| !segment.is_empty()),
+            );
+            path
+        }
+    } else {
+        PathBuf::from(unix_path)
+    }
+}
+
+pub fn test_path_buf(unix_path: &str) -> PathBuf {
+    test_path_buf_with_windows(unix_path, None)
+}
+
+pub fn test_absolute_path_with_windows(
+    unix_path: &str,
+    windows_path: Option<&str>,
+) -> AbsolutePathBuf {
+    AbsolutePathBuf::from_absolute_path(test_path_buf_with_windows(unix_path, windows_path))
+        .expect("test path should be absolute")
+}
+
+pub fn test_absolute_path(unix_path: &str) -> AbsolutePathBuf {
+    test_absolute_path_with_windows(unix_path, None)
+}
+
+pub fn test_tmp_path() -> AbsolutePathBuf {
+    test_absolute_path_with_windows("/tmp", Some(r"C:\Users\codex\AppData\Local\Temp"))
+}
+
+pub fn test_tmp_path_buf() -> PathBuf {
+    test_tmp_path().into_path_buf()
+}
+
 /// Returns a default `Config` whose on-disk state is confined to the provided
 /// temporary directory. Using a per-test directory keeps tests hermetic and
 /// avoids clobbering a developer’s real `~/.codex`.

codex-rs/core/tests/common/test_codex.rs

@@ -107,8 +107,11 @@ impl TestCodexBuilder {
         let (config, cwd) = self.prepare_config(server, &home).await?;
 
         let auth = self.auth.clone();
-        let conversation_manager =
-            ConversationManager::with_models_provider(auth.clone(), config.model_provider.clone());
+        let conversation_manager = ConversationManager::with_models_provider_and_home(
+            auth.clone(),
+            config.model_provider.clone(),
+            config.codex_home.clone(),
+        );
 
         let new_conversation = match resume_from {
             Some(path) => {

codex-rs/core/tests/responses_headers.rs

@@ -11,11 +11,12 @@ use codex_core::ResponseEvent;
 use codex_core::ResponseItem;
 use codex_core::WireApi;
 use codex_core::openai_models::models_manager::ModelsManager;
-use codex_otel::otel_event_manager::OtelEventManager;
+use codex_otel::otel_manager::OtelManager;
 use codex_protocol::ConversationId;
 use codex_protocol::config_types::ReasoningSummary;
 use codex_protocol::openai_models::ReasoningSummaryFormat;
 use codex_protocol::protocol::SessionSource;
+use codex_protocol::protocol::SubAgentSource;
 use core_test_support::load_default_config_for_test;
 use core_test_support::responses;
 use futures::StreamExt;
@@ -67,8 +68,9 @@ async fn responses_stream_includes_subagent_header_on_review() {
 
     let conversation_id = ConversationId::new();
     let auth_mode = AuthMode::ChatGPT;
+    let session_source = SessionSource::SubAgent(SubAgentSource::Review);
     let model_family = ModelsManager::construct_model_family_offline(model.as_str(), &config);
-    let otel_event_manager = OtelEventManager::new(
+    let otel_manager = OtelManager::new(
         conversation_id,
         model.as_str(),
         model_family.slug.as_str(),
@@ -77,18 +79,19 @@ async fn responses_stream_includes_subagent_header_on_review() {
         Some(auth_mode),
         false,
         "test".to_string(),
+        session_source.clone(),
     );
 
     let client = ModelClient::new(
         Arc::clone(&config),
         None,
         model_family,
-        otel_event_manager,
+        otel_manager,
         provider,
         effort,
         summary,
         conversation_id,
-        SessionSource::SubAgent(codex_protocol::protocol::SubAgentSource::Review),
+        session_source,
     );
 
     let mut prompt = Prompt::default();
@@ -159,9 +162,10 @@ async fn responses_stream_includes_subagent_header_on_other() {
 
     let conversation_id = ConversationId::new();
     let auth_mode = AuthMode::ChatGPT;
+    let session_source = SessionSource::SubAgent(SubAgentSource::Other("my-task".to_string()));
     let model_family = ModelsManager::construct_model_family_offline(model.as_str(), &config);
 
-    let otel_event_manager = OtelEventManager::new(
+    let otel_manager = OtelManager::new(
         conversation_id,
         model.as_str(),
         model_family.slug.as_str(),
@@ -170,20 +174,19 @@ async fn responses_stream_includes_subagent_header_on_other() {
         Some(auth_mode),
         false,
         "test".to_string(),
+        session_source.clone(),
     );
 
     let client = ModelClient::new(
         Arc::clone(&config),
         None,
         model_family,
-        otel_event_manager,
+        otel_manager,
         provider,
         effort,
         summary,
         conversation_id,
-        SessionSource::SubAgent(codex_protocol::protocol::SubAgentSource::Other(
-            "my-task".to_string(),
-        )),
+        session_source,
     );
 
     let mut prompt = Prompt::default();
@@ -253,8 +256,10 @@ async fn responses_respects_model_family_overrides_from_config() {
     let conversation_id = ConversationId::new();
     let auth_mode =
         AuthManager::from_auth_for_testing(CodexAuth::from_api_key("Test API Key")).get_auth_mode();
+    let session_source =
+        SessionSource::SubAgent(SubAgentSource::Other("override-check".to_string()));
     let model_family = ModelsManager::construct_model_family_offline(model.as_str(), &config);
-    let otel_event_manager = OtelEventManager::new(
+    let otel_manager = OtelManager::new(
         conversation_id,
         model.as_str(),
         model_family.slug.as_str(),
@@ -263,20 +268,19 @@ async fn responses_respects_model_family_overrides_from_config() {
         auth_mode,
         false,
         "test".to_string(),
+        session_source.clone(),
     );
 
     let client = ModelClient::new(
         Arc::clone(&config),
         None,
         model_family,
-        otel_event_manager,
+        otel_manager,
         provider,
         effort,
         summary,
         conversation_id,
-        SessionSource::SubAgent(codex_protocol::protocol::SubAgentSource::Other(
-            "override-check".to_string(),
-        )),
+        session_source,
     );
 
     let mut prompt = Prompt::default();

codex-rs/core/tests/suite/client.rs

@@ -20,7 +20,7 @@ use codex_core::openai_models::models_manager::ModelsManager;
 use codex_core::protocol::EventMsg;
 use codex_core::protocol::Op;
 use codex_core::protocol::SessionSource;
-use codex_otel::otel_event_manager::OtelEventManager;
+use codex_otel::otel_manager::OtelManager;
 use codex_protocol::ConversationId;
 use codex_protocol::config_types::ReasoningSummary;
 use codex_protocol::config_types::Verbosity;
@@ -259,9 +259,10 @@ async fn resume_includes_initial_messages_and_sends_prior_items() {
     // Also configure user instructions to ensure they are NOT delivered on resume.
     config.user_instructions = Some("be nice".to_string());
 
-    let conversation_manager = ConversationManager::with_models_provider(
+    let conversation_manager = ConversationManager::with_models_provider_and_home(
         CodexAuth::from_api_key("Test API Key"),
         config.model_provider.clone(),
+        config.codex_home.clone(),
     );
     let auth_manager =
         codex_core::AuthManager::from_auth_for_testing(CodexAuth::from_api_key("Test API Key"));
@@ -345,9 +346,10 @@ async fn includes_conversation_id_and_model_headers_in_request() {
     let mut config = load_default_config_for_test(&codex_home);
     config.model_provider = model_provider;
 
-    let conversation_manager = ConversationManager::with_models_provider(
+    let conversation_manager = ConversationManager::with_models_provider_and_home(
         CodexAuth::from_api_key("Test API Key"),
         config.model_provider.clone(),
+        config.codex_home.clone(),
     );
     let NewConversation {
         conversation: codex,
@@ -406,9 +408,10 @@ async fn includes_base_instructions_override_in_request() {
     config.base_instructions = Some("test instructions".to_string());
     config.model_provider = model_provider;
 
-    let conversation_manager = ConversationManager::with_models_provider(
+    let conversation_manager = ConversationManager::with_models_provider_and_home(
         CodexAuth::from_api_key("Test API Key"),
         config.model_provider.clone(),
+        config.codex_home.clone(),
     );
     let codex = conversation_manager
         .new_conversation(config)
@@ -466,9 +469,10 @@ async fn chatgpt_auth_sends_correct_request() {
     let codex_home = TempDir::new().unwrap();
     let mut config = load_default_config_for_test(&codex_home);
     config.model_provider = model_provider;
-    let conversation_manager = ConversationManager::with_models_provider(
+    let conversation_manager = ConversationManager::with_models_provider_and_home(
         create_dummy_codex_auth(),
         config.model_provider.clone(),
+        config.codex_home.clone(),
     );
     let NewConversation {
         conversation: codex,
@@ -602,9 +606,10 @@ async fn includes_user_instructions_message_in_request() {
     config.model_provider = model_provider;
     config.user_instructions = Some("be nice".to_string());
 
-    let conversation_manager = ConversationManager::with_models_provider(
+    let conversation_manager = ConversationManager::with_models_provider_and_home(
         CodexAuth::from_api_key("Test API Key"),
         config.model_provider.clone(),
+        config.codex_home.clone(),
     );
     let codex = conversation_manager
         .new_conversation(config)
@@ -671,9 +676,10 @@ async fn skills_append_to_instructions_when_feature_enabled() {
     config.features.enable(Feature::Skills);
     config.cwd = codex_home.path().to_path_buf();
 
-    let conversation_manager = ConversationManager::with_models_provider(
+    let conversation_manager = ConversationManager::with_models_provider_and_home(
         CodexAuth::from_api_key("Test API Key"),
         config.model_provider.clone(),
+        config.codex_home.clone(),
     );
     let codex = conversation_manager
         .new_conversation(config)
@@ -713,6 +719,7 @@ async fn skills_append_to_instructions_when_feature_enabled() {
         instructions_text.contains(&expected_path_str),
         "expected path {expected_path_str} in instructions"
     );
+    let _codex_home_guard = codex_home;
 }
 
 #[tokio::test(flavor = "multi_thread", worker_threads = 2)]
@@ -1027,9 +1034,10 @@ async fn includes_developer_instructions_message_in_request() {
     config.user_instructions = Some("be nice".to_string());
     config.developer_instructions = Some("be useful".to_string());
 
-    let conversation_manager = ConversationManager::with_models_provider(
+    let conversation_manager = ConversationManager::with_models_provider_and_home(
         CodexAuth::from_api_key("Test API Key"),
         config.model_provider.clone(),
+        config.codex_home.clone(),
     );
     let codex = conversation_manager
         .new_conversation(config)
@@ -1122,7 +1130,7 @@ async fn azure_responses_request_includes_store_and_reasoning_ids() {
     let model_family = ModelsManager::construct_model_family_offline(model.as_str(), &config);
     let conversation_id = ConversationId::new();
     let auth_manager = AuthManager::from_auth_for_testing(CodexAuth::from_api_key("Test API Key"));
-    let otel_event_manager = OtelEventManager::new(
+    let otel_manager = OtelManager::new(
         conversation_id,
         model.as_str(),
         model_family.slug.as_str(),
@@ -1131,18 +1139,19 @@ async fn azure_responses_request_includes_store_and_reasoning_ids() {
         auth_manager.get_auth_mode(),
         false,
         "test".to_string(),
+        SessionSource::Exec,
     );
 
     let client = ModelClient::new(
         Arc::clone(&config),
         None,
         model_family,
-        otel_event_manager,
+        otel_manager,
         provider,
         effort,
         summary,
         conversation_id,
-        codex_protocol::protocol::SessionSource::Exec,
+        SessionSource::Exec,
     );
 
     let mut prompt = Prompt::default();
@@ -1255,9 +1264,10 @@ async fn token_count_includes_rate_limits_snapshot() {
     let mut config = load_default_config_for_test(&home);
     config.model_provider = provider;
 
-    let conversation_manager = ConversationManager::with_models_provider(
+    let conversation_manager = ConversationManager::with_models_provider_and_home(
         CodexAuth::from_api_key("test"),
         config.model_provider.clone(),
+        config.codex_home.clone(),
     );
     let codex = conversation_manager
         .new_conversation(config)
@@ -1609,9 +1619,10 @@ async fn azure_overrides_assign_properties_used_for_responses_url() {
     let mut config = load_default_config_for_test(&codex_home);
     config.model_provider = provider;
 
-    let conversation_manager = ConversationManager::with_models_provider(
+    let conversation_manager = ConversationManager::with_models_provider_and_home(
         create_dummy_codex_auth(),
         config.model_provider.clone(),
+        config.codex_home.clone(),
     );
     let codex = conversation_manager
         .new_conversation(config)
@@ -1690,9 +1701,10 @@ async fn env_var_overrides_loaded_auth() {
     let mut config = load_default_config_for_test(&codex_home);
     config.model_provider = provider;
 
-    let conversation_manager = ConversationManager::with_models_provider(
+    let conversation_manager = ConversationManager::with_models_provider_and_home(
         create_dummy_codex_auth(),
         config.model_provider.clone(),
+        config.codex_home.clone(),
     );
     let codex = conversation_manager
         .new_conversation(config)
@@ -1771,9 +1783,10 @@ async fn history_dedupes_streamed_and_final_messages_across_turns() {
     let mut config = load_default_config_for_test(&codex_home);
     config.model_provider = model_provider;
 
-    let conversation_manager = ConversationManager::with_models_provider(
+    let conversation_manager = ConversationManager::with_models_provider_and_home(
         CodexAuth::from_api_key("Test API Key"),
         config.model_provider.clone(),
+        config.codex_home.clone(),
     );
     let NewConversation {
         conversation: codex,

codex-rs/core/tests/suite/otel.rs

@@ -9,15 +9,26 @@ use core_test_support::responses::ev_assistant_message;
 use core_test_support::responses::ev_completed;
 use core_test_support::responses::ev_custom_tool_call;
 use core_test_support::responses::ev_function_call;
+use core_test_support::responses::ev_local_shell_call;
+use core_test_support::responses::ev_message_item_added;
+use core_test_support::responses::ev_output_text_delta;
+use core_test_support::responses::ev_reasoning_item;
+use core_test_support::responses::ev_reasoning_summary_text_delta;
+use core_test_support::responses::ev_reasoning_text_delta;
+use core_test_support::responses::ev_response_created;
+use core_test_support::responses::mount_response_once;
 use core_test_support::responses::mount_sse_once;
 use core_test_support::responses::sse;
+use core_test_support::responses::sse_response;
 use core_test_support::responses::start_mock_server;
 use core_test_support::test_codex::TestCodex;
 use core_test_support::test_codex::test_codex;
 use core_test_support::wait_for_event;
+use std::sync::Mutex;
 use tracing_test::traced_test;
 
-use core_test_support::responses::ev_local_shell_call;
+use tracing_subscriber::fmt::format::FmtSpan;
+use tracing_test::internal::MockWriter;
 
 #[tokio::test]
 #[traced_test]
@@ -437,6 +448,152 @@ async fn process_sse_emits_completed_telemetry() {
     });
 }
 
+#[tokio::test]
+async fn handle_responses_span_records_response_kind_and_tool_name() {
+    let buffer: &'static Mutex<Vec<u8>> = Box::leak(Box::new(Mutex::new(Vec::new())));
+    let subscriber = tracing_subscriber::fmt()
+        .with_level(true)
+        .with_ansi(false)
+        .with_span_events(FmtSpan::FULL)
+        .with_writer(MockWriter::new(buffer))
+        .finish();
+    let _guard = tracing::subscriber::set_default(subscriber);
+
+    let server = start_mock_server().await;
+
+    mount_sse_once(
+        &server,
+        sse(vec![
+            ev_function_call("function-call", "nonexistent", "{\"value\":1}"),
+            ev_completed("done"),
+        ]),
+    )
+    .await;
+    mount_sse_once(
+        &server,
+        sse(vec![
+            ev_assistant_message("msg-1", "tool handled"),
+            ev_completed("done"),
+        ]),
+    )
+    .await;
+
+    let TestCodex { codex, .. } = test_codex()
+        .with_config(|config| {
+            config.features.disable(Feature::GhostCommit);
+        })
+        .build(&server)
+        .await
+        .unwrap();
+
+    codex
+        .submit(Op::UserInput {
+            items: vec![UserInput::Text {
+                text: "hello".into(),
+            }],
+        })
+        .await
+        .unwrap();
+
+    wait_for_event(&codex, |ev| matches!(ev, EventMsg::TaskComplete(_))).await;
+
+    let logs = String::from_utf8(buffer.lock().unwrap().clone()).unwrap();
+
+    assert!(
+        logs.contains("handle_responses{otel.name=\"function_call\"")
+            && logs.contains("tool_name=\"nonexistent\"")
+            && logs.contains("from=\"output_item_done\""),
+        "missing handle_responses span with function call metadata\nlogs:\n{logs}"
+    );
+    assert!(
+        logs.contains("handle_responses{otel.name=\"completed\""),
+        "missing handle_responses span for completion\nlogs:\n{logs}"
+    );
+}
+
+#[tokio::test(flavor = "current_thread")]
+async fn record_responses_sets_span_fields_for_response_events() {
+    let buffer: &'static Mutex<Vec<u8>> = Box::leak(Box::new(Mutex::new(Vec::new())));
+    let subscriber = tracing_subscriber::fmt()
+        .with_level(true)
+        .with_ansi(false)
+        .with_span_events(FmtSpan::FULL)
+        .with_writer(MockWriter::new(buffer))
+        .finish();
+    let _guard = tracing::subscriber::set_default(subscriber);
+
+    let server = start_mock_server().await;
+
+    let sse_body = sse(vec![
+        ev_response_created("resp-1"),
+        ev_function_call("call-1", "fn", "{\"value\":1}"),
+        ev_custom_tool_call("custom-1", "custom_tool", "{\"key\":\"value\"}"),
+        ev_message_item_added("msg-added", "hi there"),
+        ev_output_text_delta("delta"),
+        ev_reasoning_summary_text_delta("summary-delta"),
+        ev_reasoning_text_delta("raw-delta"),
+        ev_function_call("call-1", "fn", "{\"key\":\"value\"}"),
+        ev_custom_tool_call("custom-1", "custom_tool", "{\"key\":\"value\"}"),
+        ev_assistant_message("msg-1", "agent"),
+        ev_reasoning_item("reasoning-1", &["summary"], &[]),
+        ev_completed("resp-1"),
+    ]);
+
+    mount_response_once(&server, sse_response(sse_body)).await;
+
+    let TestCodex { codex, .. } = test_codex()
+        .with_config(|config| {
+            config.features.disable(Feature::GhostCommit);
+        })
+        .build(&server)
+        .await
+        .unwrap();
+
+    codex
+        .submit(Op::UserInput {
+            items: vec![UserInput::Text {
+                text: "hello".into(),
+            }],
+        })
+        .await
+        .unwrap();
+
+    wait_for_event(&codex, |ev| matches!(ev, EventMsg::TaskComplete(_))).await;
+
+    let logs = String::from_utf8(buffer.lock().unwrap().clone()).unwrap();
+
+    let expected = [
+        ("created", None::<&str>, None::<&str>),
+        ("rate_limits", None, None),
+        ("function_call", Some("output_item_added"), Some("fn")),
+        ("message_from_assistant", Some("output_item_done"), None),
+        ("reasoning", Some("output_item_done"), None),
+        ("text_delta", None, None),
+        ("reasoning_summary_delta", None, None),
+        ("reasoning_content_delta", None, None),
+        ("completed", None, None),
+    ];
+
+    for (name, from, tool_name) in expected {
+        assert!(
+            logs.contains(&format!("handle_responses{{otel.name=\"{name}\"")),
+            "missing otel.name={name}\nlogs:\n{logs}"
+        );
+        if let Some(from) = from {
+            assert!(
+                logs.contains(&format!("from=\"{from}\"")),
+                "missing from={from} for {name}\nlogs:\n{logs}"
+            );
+        }
+        if let Some(tool_name) = tool_name {
+            assert!(
+                logs.contains(&format!("tool_name=\"{tool_name}\"")),
+                "missing tool_name={tool_name} for {name}\nlogs:\n{logs}"
+            );
+        }
+    }
+}
+
 #[tokio::test]
 #[traced_test]
 async fn handle_response_item_records_tool_result_for_custom_tool_call() {

codex-rs/core/tests/suite/prompt_caching.rs

@@ -11,6 +11,7 @@ use codex_core::shell::Shell;
 use codex_core::shell::default_user_shell;
 use codex_protocol::openai_models::ReasoningEffort;
 use codex_protocol::user_input::UserInput;
+use codex_utils_absolute_path::AbsolutePathBuf;
 use core_test_support::load_sse_fixture_with_id;
 use core_test_support::responses::mount_sse_once;
 use core_test_support::responses::start_mock_server;
@@ -317,7 +318,7 @@ async fn overrides_turn_context_but_keeps_cached_prefix_and_key_constant() -> an
             cwd: None,
             approval_policy: Some(AskForApproval::Never),
             sandbox_policy: Some(SandboxPolicy::WorkspaceWrite {
-                writable_roots: vec![writable.path().to_path_buf()],
+                writable_roots: vec![writable.path().try_into().unwrap()],
                 network_access: true,
                 exclude_tmpdir_env_var: true,
                 exclude_slash_tmp: true,
@@ -507,7 +508,7 @@ async fn per_turn_overrides_keep_cached_prefix_and_key_constant() -> anyhow::Res
             cwd: new_cwd.path().to_path_buf(),
             approval_policy: AskForApproval::Never,
             sandbox_policy: SandboxPolicy::WorkspaceWrite {
-                writable_roots: vec![writable.path().to_path_buf()],
+                writable_roots: vec![AbsolutePathBuf::try_from(writable.path()).unwrap()],
                 network_access: true,
                 exclude_tmpdir_env_var: true,
                 exclude_slash_tmp: true,

codex-rs/core/tests/suite/remote_models.rs

@@ -41,6 +41,7 @@ use core_test_support::skip_if_no_network;
 use core_test_support::skip_if_sandbox;
 use core_test_support::wait_for_event;
 use core_test_support::wait_for_event_match;
+use pretty_assertions::assert_eq;
 use serde_json::json;
 use tempfile::TempDir;
 use tokio::time::Duration;
@@ -298,6 +299,108 @@ async fn remote_models_apply_remote_base_instructions() -> Result<()> {
     Ok(())
 }
 
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn remote_models_preserve_builtin_presets() -> Result<()> {
+    skip_if_no_network!(Ok(()));
+    skip_if_sandbox!(Ok(()));
+
+    let server = MockServer::start().await;
+    let remote_model = test_remote_model("remote-alpha", ModelVisibility::List, 0);
+    let models_mock = mount_models_once(
+        &server,
+        ModelsResponse {
+            models: vec![remote_model.clone()],
+            etag: String::new(),
+        },
+    )
+    .await;
+
+    let codex_home = TempDir::new()?;
+    let mut config = load_default_config_for_test(&codex_home);
+    config.features.enable(Feature::RemoteModels);
+
+    let auth = CodexAuth::from_api_key("dummy");
+    let provider = ModelProviderInfo {
+        base_url: Some(format!("{}/v1", server.uri())),
+        ..built_in_model_providers()["openai"].clone()
+    };
+    let manager = ModelsManager::with_provider(
+        codex_core::auth::AuthManager::from_auth_for_testing(auth),
+        provider,
+    );
+
+    manager
+        .refresh_available_models(&config)
+        .await
+        .expect("refresh succeeds");
+
+    let available = manager.list_models(&config).await;
+    let remote = available
+        .iter()
+        .find(|model| model.model == "remote-alpha")
+        .expect("remote model should be listed");
+    let mut expected_remote: ModelPreset = remote_model.into();
+    expected_remote.is_default = true;
+    assert_eq!(*remote, expected_remote);
+    assert!(
+        available
+            .iter()
+            .any(|model| model.model == "gpt-5.1-codex-max"),
+        "builtin presets should remain available after refresh"
+    );
+    assert_eq!(
+        models_mock.requests().len(),
+        1,
+        "expected a single /models request"
+    );
+
+    Ok(())
+}
+
+#[tokio::test(flavor = "multi_thread", worker_threads = 2)]
+async fn remote_models_hide_picker_only_models() -> Result<()> {
+    skip_if_no_network!(Ok(()));
+    skip_if_sandbox!(Ok(()));
+
+    let server = MockServer::start().await;
+    let remote_model = test_remote_model("codex-auto-balanced", ModelVisibility::Hide, 0);
+    mount_models_once(
+        &server,
+        ModelsResponse {
+            models: vec![remote_model],
+            etag: String::new(),
+        },
+    )
+    .await;
+
+    let codex_home = TempDir::new()?;
+    let mut config = load_default_config_for_test(&codex_home);
+    config.features.enable(Feature::RemoteModels);
+
+    let auth = CodexAuth::create_dummy_chatgpt_auth_for_testing();
+    let provider = ModelProviderInfo {
+        base_url: Some(format!("{}/v1", server.uri())),
+        ..built_in_model_providers()["openai"].clone()
+    };
+    let manager = ModelsManager::with_provider(
+        codex_core::auth::AuthManager::from_auth_for_testing(auth),
+        provider,
+    );
+
+    let selected = manager.get_model(&None, &config).await;
+    assert_eq!(selected, "gpt-5.1-codex-max");
+
+    let available = manager.list_models(&config).await;
+    assert!(
+        available
+            .iter()
+            .all(|model| model.model != "codex-auto-balanced"),
+        "hidden models should not appear in the picker list"
+    );
+
+    Ok(())
+}
+
 async fn wait_for_model_available(
     manager: &Arc<ModelsManager>,
     slug: &str,
@@ -362,3 +465,32 @@ where
         conversation_manager,
     })
 }
+
+fn test_remote_model(slug: &str, visibility: ModelVisibility, priority: i32) -> ModelInfo {
+    ModelInfo {
+        slug: slug.to_string(),
+        display_name: format!("{slug} display"),
+        description: Some(format!("{slug} description")),
+        default_reasoning_level: ReasoningEffort::Medium,
+        supported_reasoning_levels: vec![ReasoningEffortPreset {
+            effort: ReasoningEffort::Medium,
+            description: ReasoningEffort::Medium.to_string(),
+        }],
+        shell_type: ConfigShellToolType::ShellCommand,
+        visibility,
+        minimal_client_version: ClientVersion(0, 1, 0),
+        supported_in_api: true,
+        priority,
+        upgrade: None,
+        base_instructions: None,
+        supports_reasoning_summaries: false,
+        support_verbosity: false,
+        default_verbosity: None,
+        apply_patch_tool_type: None,
+        truncation_policy: TruncationPolicyConfig::bytes(10_000),
+        supports_parallel_tool_calls: false,
+        context_window: None,
+        reasoning_summary_format: ReasoningSummaryFormat::None,
+        experimental_supported_tools: Vec::new(),
+    }
+}

codex-rs/core/tests/suite/seatbelt.rs

@@ -76,7 +76,7 @@ async fn if_parent_of_repo_is_writable_then_dot_git_folder_is_writable() {
     let tmp = TempDir::new().expect("should be able to create temp dir");
     let test_scenario = create_test_scenario(&tmp);
     let policy = SandboxPolicy::WorkspaceWrite {
-        writable_roots: vec![test_scenario.repo_parent.clone()],
+        writable_roots: vec![test_scenario.repo_parent.as_path().try_into().unwrap()],
         network_access: false,
         exclude_tmpdir_env_var: true,
         exclude_slash_tmp: true,
@@ -102,7 +102,7 @@ async fn if_git_repo_is_writable_root_then_dot_git_folder_is_read_only() {
     let tmp = TempDir::new().expect("should be able to create temp dir");
     let test_scenario = create_test_scenario(&tmp);
     let policy = SandboxPolicy::WorkspaceWrite {
-        writable_roots: vec![test_scenario.repo_root.clone()],
+        writable_roots: vec![test_scenario.repo_root.as_path().try_into().unwrap()],
         network_access: false,
         exclude_tmpdir_env_var: true,
         exclude_slash_tmp: true,

codex-rs/core/tests/suite/skills.rs

@@ -6,7 +6,6 @@ use codex_core::features::Feature;
 use codex_core::protocol::AskForApproval;
 use codex_core::protocol::Op;
 use codex_core::protocol::SandboxPolicy;
-use codex_core::protocol::SkillLoadOutcomeInfo;
 use codex_protocol::user_input::UserInput;
 use core_test_support::responses::ev_assistant_message;
 use core_test_support::responses::ev_completed;
@@ -115,11 +114,23 @@ async fn skill_load_errors_surface_in_session_configured() -> Result<()> {
         });
     let test = builder.build(&server).await?;
 
-    let SkillLoadOutcomeInfo { skills, errors } = test
-        .session_configured
-        .skill_load_outcome
-        .as_ref()
-        .expect("skill outcome present");
+    test.codex
+        .submit(Op::ListSkills { cwds: Vec::new() })
+        .await?;
+    let response =
+        core_test_support::wait_for_event_match(test.codex.as_ref(), |event| match event {
+            codex_core::protocol::EventMsg::ListSkillsResponse(response) => Some(response.clone()),
+            _ => None,
+        })
+        .await;
+
+    let cwd = test.cwd_path();
+    let (skills, errors) = response
+        .skills
+        .iter()
+        .find(|entry| entry.cwd.as_path() == cwd)
+        .map(|entry| (entry.skills.clone(), entry.errors.clone()))
+        .unwrap_or_default();
 
     assert!(
         skills.is_empty(),

codex-rs/docs/protocol_v1.md

@@ -68,6 +68,7 @@ For complete documentation of the `Op` and `EventMsg` variants, refer to [protoc
   - `Op::UserInput` – Any input from the user to kick off a `Task`
   - `Op::Interrupt` – Interrupts a running task
   - `Op::ExecApproval` – Approve or deny code execution
+  - `Op::ListSkills` – Request skills for one or more cwd values
 - `EventMsg`
   - `EventMsg::AgentMessage` – Messages from the `Model`
   - `EventMsg::ExecApprovalRequest` – Request approval from user to execute a command
@@ -75,6 +76,7 @@ For complete documentation of the `Op` and `EventMsg` variants, refer to [protoc
   - `EventMsg::Error` – A task stopped with an error
   - `EventMsg::Warning` – A non-fatal warning that the client should surface to the user
   - `EventMsg::TurnComplete` – Contains a `response_id` bookmark for last `response_id` executed by the task. This can be used to continue the task at a later point in time, perhaps with additional user input.
+  - `EventMsg::ListSkillsResponse` – Response payload with per-cwd skill entries (`cwd`, `skills`, `errors`)
 
 The `response_id` returned from each task matches the OpenAI `response_id` stored in the API's `/responses` endpoint. It can be stored and used in future `Sessions` to resume threads of work.
 

codex-rs/exec-server/README.md

@@ -0,0 +1,25 @@
+# codex-exec-server
+
+This crate contains the code for two executables:
+
+- `codex-exec-mcp-server` is an MCP server that provides a tool named `shell` that runs a shell command inside a sandboxed instance of Bash. Every resulting `execve(2)` call made within Bash is intercepted and run via the executable defined by the `BASH_EXEC_WRAPPER` environment variable within the Bash process. In practice, `BASH_EXEC_WRAPPER` is set to `codex-execve-wrapper`.
+- `codex-execve-wrapper` is the executable that takes the arguments to the `execve(2)` call and "escalates" it to the MCP server via a shared file descriptor (specified by the `CODEX_ESCALATE_SOCKET` environment variable) for consideration. Based on the [Codex `.rules`](https://developers.openai.com/codex/local-config#rules-preview), the MCP server replies with one of:
+  - `Run`: `codex-execve-wrapper` should invoke `execve(2)` on itself to run the original command within Bash
+  - `Escalate`: forward the file descriptors of the current process to the MCP server so the command can be run faithfully outside the sandbox. Because the MCP server will have the original FDs for `stdout` and `stderr`, it can write those directly. When the process completes, the MCP server forwards the exit code to `codex-execve-wrapper` so that it exits in a consistent manner.
+  - `Deny`: the MCP server has declared the proposed command to be "forbidden," so `codex-execve-wrapper` will print an error to `stderr` and exit with `1`.
+
+## Patched Bash
+
+We carry a small patch to `execute_cmd.c` (see `patches/bash-exec-wrapper.patch`) that adds support for `BASH_EXEC_WRAPPER`. The original commit message is “add support for BASH_EXEC_WRAPPER” and the patch applies cleanly to `a8a1c2fac029404d3f42cd39f5a20f24b6e4fe4b` from https://github.com/bminor/bash. To rebuild manually:
+
+```bash
+git clone https://github.com/bminor/bash
+git checkout a8a1c2fac029404d3f42cd39f5a20f24b6e4fe4b
+git apply /path/to/patches/bash-exec-wrapper.patch
+./configure --without-bash-malloc
+make -j"$(nproc)"
+```
+
+## Release workflow
+
+`.github/workflows/shell-tool-mcp.yml` builds the Rust binaries, compiles the patched Bash variants, assembles the `vendor/` tree, and creates `codex-shell-tool-mcp-npm-<version>.tgz` for inclusion in the Rust GitHub Release. When the version is a stable or alpha tag, the workflow also publishes the tarball to npm using OIDC. The workflow is invoked from `rust-release.yml` so the package ships alongside other Codex artifacts.

codex-rs/exec/Cargo.toml

@@ -26,8 +26,8 @@ codex-common = { workspace = true, features = [
 ] }
 codex-core = { workspace = true }
 codex-protocol = { workspace = true }
+codex-utils-absolute-path = { workspace = true }
 mcp-types = { workspace = true }
-opentelemetry-appender-tracing = { workspace = true }
 owo-colors = { workspace = true }
 serde = { workspace = true, features = ["derive"] }
 serde_json = { workspace = true }

codex-rs/exec/src/event_processor_with_human_output.rs

@@ -572,6 +572,7 @@ impl EventProcessor for EventProcessorWithHumanOutput {
             | EventMsg::GetHistoryEntryResponse(_)
             | EventMsg::McpListToolsResponse(_)
             | EventMsg::ListCustomPromptsResponse(_)
+            | EventMsg::ListSkillsResponse(_)
             | EventMsg::RawResponseItem(_)
             | EventMsg::UserMessage(_)
             | EventMsg::EnteredReviewMode(_)

codex-rs/exec/src/lib.rs

@@ -39,7 +39,6 @@ use codex_protocol::config_types::SandboxMode;
 use codex_protocol::user_input::UserInput;
 use event_processor_with_human_output::EventProcessorWithHumanOutput;
 use event_processor_with_jsonl_output::EventProcessorWithJsonOutput;
-use opentelemetry_appender_tracing::layer::OpenTelemetryTracingBridge;
 use serde_json::Value;
 use std::io::IsTerminal;
 use std::io::Read;
@@ -221,18 +220,15 @@ pub async fn run_main(cli: Cli, codex_linux_sandbox_exe: Option<PathBuf>) -> any
         }
     };
 
-    if let Some(provider) = otel.as_ref() {
-        let otel_layer = OpenTelemetryTracingBridge::new(&provider.logger).with_filter(
-            tracing_subscriber::filter::filter_fn(codex_core::otel_init::codex_export_filter),
-        );
+    let otel_logger_layer = otel.as_ref().and_then(|o| o.logger_layer());
 
-        let _ = tracing_subscriber::registry()
-            .with(fmt_layer)
-            .with(otel_layer)
-            .try_init();
-    } else {
-        let _ = tracing_subscriber::registry().with(fmt_layer).try_init();
-    }
+    let otel_tracing_layer = otel.as_ref().and_then(|o| o.tracing_layer());
+
+    let _ = tracing_subscriber::registry()
+        .with(fmt_layer)
+        .with(otel_tracing_layer)
+        .with(otel_logger_layer)
+        .try_init();
 
     let mut event_processor: Box<dyn EventProcessor> = match json_mode {
         true => Box::new(EventProcessorWithJsonOutput::new(last_message_file.clone())),

codex-rs/exec/tests/event_processor_with_json_output.rs

@@ -85,7 +85,6 @@ fn session_configured_produces_thread_started_event() {
             history_log_id: 0,
             history_entry_count: 0,
             initial_messages: None,
-            skill_load_outcome: None,
             rollout_path,
         }),
     );

codex-rs/exec/tests/suite/sandbox.rs

@@ -1,6 +1,7 @@
 #![cfg(unix)]
 use codex_core::protocol::SandboxPolicy;
 use codex_core::spawn::StdioPolicy;
+use codex_utils_absolute_path::AbsolutePathBuf;
 use std::collections::HashMap;
 use std::future::Future;
 use std::io;
@@ -58,14 +59,14 @@ async fn spawn_command_under_sandbox(
 async fn python_multiprocessing_lock_works_under_sandbox() {
     core_test_support::skip_if_sandbox!();
     #[cfg(target_os = "macos")]
-    let writable_roots = Vec::<PathBuf>::new();
+    let writable_roots = Vec::<AbsolutePathBuf>::new();
 
     // From https://man7.org/linux/man-pages/man7/sem_overview.7.html
     //
     // > On Linux, named semaphores are created in a virtual filesystem,
     // > normally mounted under /dev/shm.
     #[cfg(target_os = "linux")]
-    let writable_roots = vec![PathBuf::from("/dev/shm")];
+    let writable_roots: Vec<AbsolutePathBuf> = vec!["/dev/shm".try_into().unwrap()];
 
     let policy = SandboxPolicy::WorkspaceWrite {
         writable_roots,

codex-rs/feedback/Cargo.toml

@@ -7,7 +7,7 @@ license.workspace = true
 [dependencies]
 anyhow = { workspace = true }
 codex-protocol = { workspace = true }
-sentry = { version = "0.34" }
+sentry = { version = "0.46" }
 tracing-subscriber = { workspace = true }
 
 [dev-dependencies]

codex-rs/linux-sandbox/Cargo.toml

@@ -18,6 +18,7 @@ workspace = true
 [target.'cfg(target_os = "linux")'.dependencies]
 clap = { workspace = true, features = ["derive"] }
 codex-core = { workspace = true }
+codex-utils-absolute-path = { workspace = true }
 landlock = { workspace = true }
 libc = { workspace = true }
 seccompiler = { workspace = true }

codex-rs/linux-sandbox/src/landlock.rs

@@ -1,11 +1,11 @@
 use std::collections::BTreeMap;
 use std::path::Path;
-use std::path::PathBuf;
 
 use codex_core::error::CodexErr;
 use codex_core::error::Result;
 use codex_core::error::SandboxErr;
 use codex_core::protocol::SandboxPolicy;
+use codex_utils_absolute_path::AbsolutePathBuf;
 
 use landlock::ABI;
 use landlock::Access;
@@ -56,7 +56,9 @@ pub(crate) fn apply_sandbox_policy_to_current_thread(
 ///
 /// # Errors
 /// Returns [`CodexErr::Sandbox`] variants when the ruleset fails to apply.
-fn install_filesystem_landlock_rules_on_current_thread(writable_roots: Vec<PathBuf>) -> Result<()> {
+fn install_filesystem_landlock_rules_on_current_thread(
+    writable_roots: Vec<AbsolutePathBuf>,
+) -> Result<()> {
     let abi = ABI::V5;
     let access_rw = AccessFs::from_all(abi);
     let access_ro = AccessFs::from_read(abi);

codex-rs/linux-sandbox/tests/suite/landlock.rs

@@ -7,6 +7,7 @@ use codex_core::exec::process_exec_tool_call;
 use codex_core::exec_env::create_env;
 use codex_core::protocol::SandboxPolicy;
 use codex_core::sandboxing::SandboxPermissions;
+use codex_utils_absolute_path::AbsolutePathBuf;
 use std::collections::HashMap;
 use std::path::PathBuf;
 use tempfile::NamedTempFile;
@@ -48,7 +49,10 @@ async fn run_cmd(cmd: &[&str], writable_roots: &[PathBuf], timeout_ms: u64) {
     };
 
     let sandbox_policy = SandboxPolicy::WorkspaceWrite {
-        writable_roots: writable_roots.to_vec(),
+        writable_roots: writable_roots
+            .iter()
+            .map(|p| AbsolutePathBuf::try_from(p.as_path()).unwrap())
+            .collect(),
         network_access: false,
         // Exclude tmp-related folders from writable roots because we need a
         // folder that is writable by tests but that we intentionally disallow

codex-rs/mcp-server/src/codex_tool_runner.rs

@@ -279,6 +279,7 @@ async fn run_codex_tool_session_inner(
                     | EventMsg::McpToolCallEnd(_)
                     | EventMsg::McpListToolsResponse(_)
                     | EventMsg::ListCustomPromptsResponse(_)
+                    | EventMsg::ListSkillsResponse(_)
                     | EventMsg::ExecCommandBegin(_)
                     | EventMsg::TerminalInteraction(_)
                     | EventMsg::ExecCommandOutputDelta(_)

codex-rs/mcp-server/src/outgoing_message.rs

@@ -266,7 +266,6 @@ mod tests {
                 history_log_id: 1,
                 history_entry_count: 1000,
                 initial_messages: None,
-                skill_load_outcome: None,
                 rollout_path: rollout_file.path().to_path_buf(),
             }),
         };
@@ -306,7 +305,6 @@ mod tests {
             history_log_id: 1,
             history_entry_count: 1000,
             initial_messages: None,
-            skill_load_outcome: None,
             rollout_path: rollout_file.path().to_path_buf(),
         };
         let event = Event {

codex-rs/otel/Cargo.toml

@@ -12,43 +12,46 @@ path = "src/lib.rs"
 [lints]
 workspace = true
 
-[features]
-# Compile-time gate for OTLP support; disabled by default.
-# Downstream crates can enable via `features = ["otel"]`.
-default = []
-otel = ["opentelemetry", "opentelemetry_sdk", "opentelemetry-otlp", "tonic"]
-
 [dependencies]
 chrono = { workspace = true }
 codex-app-server-protocol = { workspace = true }
 codex-utils-absolute-path = { workspace = true }
+codex-api = { workspace = true }
 codex-protocol = { workspace = true }
 eventsource-stream = { workspace = true }
-opentelemetry = { workspace = true, features = ["logs"], optional = true }
+opentelemetry = { workspace = true, features = ["logs", "trace"] }
+opentelemetry-appender-tracing = { workspace = true }
 opentelemetry-otlp = { workspace = true, features = [
     "grpc-tonic",
     "http-proto",
     "http-json",
     "logs",
+    "trace",
     "reqwest-blocking-client",
     "reqwest-rustls",
     "tls",
     "tls-roots",
-], optional = true }
+]}
 opentelemetry-semantic-conventions = { workspace = true }
 opentelemetry_sdk = { workspace = true, features = [
     "logs",
     "rt-tokio",
-], optional = true }
+    "trace",
+]}
 http = { workspace = true }
 reqwest = { workspace = true, features = ["blocking", "rustls-tls"] }
 serde = { workspace = true, features = ["derive"] }
 serde_json = { workspace = true }
 strum_macros = { workspace = true }
 tokio = { workspace = true }
-tonic = { workspace = true, optional = true, features = [
+tonic = { workspace = true, features = [
     "transport",
     "tls-native-roots",
     "tls-ring",
 ] }
 tracing = { workspace = true }
+tracing-opentelemetry = { workspace = true }
+tracing-subscriber = { workspace = true }
+
+[dev-dependencies]
+opentelemetry_sdk = { workspace = true, features = ["testing"] }

codex-rs/otel/src/config.rs

@@ -10,6 +10,7 @@ pub struct OtelSettings {
     pub service_version: String,
     pub codex_home: PathBuf,
     pub exporter: OtelExporter,
+    pub trace_exporter: OtelExporter,
 }
 
 #[derive(Clone, Debug)]

codex-rs/otel/src/lib.rs

@@ -1,26 +1,4 @@
 pub mod config;
 
-pub mod otel_event_manager;
-#[cfg(feature = "otel")]
+pub mod otel_manager;
 pub mod otel_provider;
-
-#[cfg(not(feature = "otel"))]
-mod imp {
-    use reqwest::header::HeaderMap;
-    use tracing::Span;
-
-    pub struct OtelProvider;
-
-    impl OtelProvider {
-        pub fn from(_settings: &crate::config::OtelSettings) -> Option<Self> {
-            None
-        }
-
-        pub fn headers(_span: &Span) -> HeaderMap {
-            HeaderMap::new()
-        }
-    }
-}
-
-#[cfg(not(feature = "otel"))]
-pub use imp::OtelProvider;

codex-rs/otel/src/otel_manager.rs

@@ -1,5 +1,7 @@
+use crate::otel_provider::traceparent_context_from_env;
 use chrono::SecondsFormat;
 use chrono::Utc;
+use codex_api::ResponseEvent;
 use codex_app_server_protocol::AuthMode;
 use codex_protocol::ConversationId;
 use codex_protocol::config_types::ReasoningSummary;
@@ -8,6 +10,7 @@ use codex_protocol::openai_models::ReasoningEffort;
 use codex_protocol::protocol::AskForApproval;
 use codex_protocol::protocol::ReviewDecision;
 use codex_protocol::protocol::SandboxPolicy;
+use codex_protocol::protocol::SessionSource;
 use codex_protocol::user_input::UserInput;
 use eventsource_stream::Event as StreamEvent;
 use eventsource_stream::EventStreamError as StreamError;
@@ -16,10 +19,14 @@ use reqwest::Response;
 use serde::Serialize;
 use std::borrow::Cow;
 use std::fmt::Display;
+use std::future::Future;
 use std::time::Duration;
 use std::time::Instant;
 use strum_macros::Display;
 use tokio::time::error::Elapsed;
+use tracing::Span;
+use tracing::info_span;
+use tracing_opentelemetry::OpenTelemetrySpanExt;
 
 #[derive(Debug, Clone, Serialize, Display)]
 #[serde(rename_all = "snake_case")]
@@ -42,11 +49,12 @@ pub struct OtelEventMetadata {
 }
 
 #[derive(Debug, Clone)]
-pub struct OtelEventManager {
+pub struct OtelManager {
     metadata: OtelEventMetadata,
+    session_span: Span,
 }
 
-impl OtelEventManager {
+impl OtelManager {
     #[allow(clippy::too_many_arguments)]
     pub fn new(
         conversation_id: ConversationId,
@@ -57,7 +65,14 @@ impl OtelEventManager {
         auth_mode: Option<AuthMode>,
         log_user_prompts: bool,
         terminal_type: String,
-    ) -> OtelEventManager {
+        session_source: SessionSource,
+    ) -> OtelManager {
+        let session_span = info_span!("new_session", conversation_id = %conversation_id, session_source = %session_source);
+
+        if let Some(context) = traceparent_context_from_env() {
+            session_span.set_parent(context);
+        }
+
         Self {
             metadata: OtelEventMetadata {
                 conversation_id,
@@ -70,6 +85,7 @@ impl OtelEventManager {
                 app_version: env!("CARGO_PKG_VERSION"),
                 terminal_type,
             },
+            session_span,
         }
     }
 
@@ -80,6 +96,30 @@ impl OtelEventManager {
         manager
     }
 
+    pub fn current_span(&self) -> &Span {
+        &self.session_span
+    }
+
+    pub fn record_responses(&self, handle_responses_span: &Span, event: &ResponseEvent) {
+        handle_responses_span.record("otel.name", OtelManager::responses_type(event));
+
+        match event {
+            ResponseEvent::OutputItemDone(item) => {
+                handle_responses_span.record("from", "output_item_done");
+                if let ResponseItem::FunctionCall { name, .. } = &item {
+                    handle_responses_span.record("tool_name", name.as_str());
+                }
+            }
+            ResponseEvent::OutputItemAdded(item) => {
+                handle_responses_span.record("from", "output_item_added");
+                if let ResponseItem::FunctionCall { name, .. } = &item {
+                    handle_responses_span.record("tool_name", name.as_str());
+                }
+            }
+            _ => {}
+        }
+    }
+
     #[allow(clippy::too_many_arguments)]
     pub fn conversation_starts(
         &self,
@@ -394,27 +434,13 @@ impl OtelEventManager {
             Err(error) => (Cow::Owned(error.to_string()), false),
         };
 
-        let success_str = if success { "true" } else { "false" };
-
-        tracing::event!(
-            tracing::Level::INFO,
-            event.name = "codex.tool_result",
-            event.timestamp = %timestamp(),
-            conversation.id = %self.metadata.conversation_id,
-            app.version = %self.metadata.app_version,
-            auth_mode = self.metadata.auth_mode,
-            user.account_id= self.metadata.account_id,
-            user.email = self.metadata.account_email,
-            terminal.type = %self.metadata.terminal_type,
-            model = %self.metadata.model,
-            slug = %self.metadata.slug,
-            tool_name = %tool_name,
-            call_id = %call_id,
-            arguments = %arguments,
-            duration_ms = %duration.as_millis(),
-            success = %success_str,
-            // `output` is truncated by the tool layer before reaching telemetry.
-            output = %output,
+        self.tool_result(
+            tool_name,
+            call_id,
+            arguments,
+            duration,
+            success,
+            output.as_ref(),
         );
 
         result
@@ -471,6 +497,38 @@ impl OtelEventManager {
             output = %output,
         );
     }
+
+    fn responses_type(event: &ResponseEvent) -> String {
+        match event {
+            ResponseEvent::Created => "created".into(),
+            ResponseEvent::OutputItemDone(item) => OtelManager::responses_item_type(item),
+            ResponseEvent::OutputItemAdded(item) => OtelManager::responses_item_type(item),
+            ResponseEvent::Completed { .. } => "completed".into(),
+            ResponseEvent::OutputTextDelta(_) => "text_delta".into(),
+            ResponseEvent::ReasoningSummaryDelta { .. } => "reasoning_summary_delta".into(),
+            ResponseEvent::ReasoningContentDelta { .. } => "reasoning_content_delta".into(),
+            ResponseEvent::ReasoningSummaryPartAdded { .. } => {
+                "reasoning_summary_part_added".into()
+            }
+            ResponseEvent::RateLimits(_) => "rate_limits".into(),
+        }
+    }
+
+    fn responses_item_type(item: &ResponseItem) -> String {
+        match item {
+            ResponseItem::Message { role, .. } => format!("message_from_{role}"),
+            ResponseItem::Reasoning { .. } => "reasoning".into(),
+            ResponseItem::LocalShellCall { .. } => "local_shell_call".into(),
+            ResponseItem::FunctionCall { .. } => "function_call".into(),
+            ResponseItem::FunctionCallOutput { .. } => "function_call_output".into(),
+            ResponseItem::CustomToolCall { .. } => "custom_tool_call".into(),
+            ResponseItem::CustomToolCallOutput { .. } => "custom_tool_call_output".into(),
+            ResponseItem::WebSearchCall { .. } => "web_search_call".into(),
+            ResponseItem::GhostSnapshot { .. } => "ghost_snapshot".into(),
+            ResponseItem::Compaction { .. } => "compaction".into(),
+            ResponseItem::Other => "other".into(),
+        }
+    }
 }
 
 fn timestamp() -> String {

codex-rs/otel/src/otel_provider.rs

@@ -4,142 +4,366 @@ use crate::config::OtelSettings;
 use crate::config::OtelTlsConfig;
 use codex_utils_absolute_path::AbsolutePathBuf;
 use http::Uri;
+use opentelemetry::Context;
 use opentelemetry::KeyValue;
+use opentelemetry::context::ContextGuard;
+use opentelemetry::global;
+use opentelemetry::propagation::TextMapPropagator;
+use opentelemetry::trace::TraceContextExt;
+use opentelemetry::trace::TracerProvider as _;
+use opentelemetry_appender_tracing::layer::OpenTelemetryTracingBridge;
 use opentelemetry_otlp::LogExporter;
 use opentelemetry_otlp::OTEL_EXPORTER_OTLP_LOGS_TIMEOUT;
 use opentelemetry_otlp::OTEL_EXPORTER_OTLP_TIMEOUT;
 use opentelemetry_otlp::OTEL_EXPORTER_OTLP_TIMEOUT_DEFAULT;
+use opentelemetry_otlp::OTEL_EXPORTER_OTLP_TRACES_TIMEOUT;
 use opentelemetry_otlp::Protocol;
+use opentelemetry_otlp::SpanExporter;
 use opentelemetry_otlp::WithExportConfig;
 use opentelemetry_otlp::WithHttpConfig;
 use opentelemetry_otlp::WithTonicConfig;
 use opentelemetry_sdk::Resource;
 use opentelemetry_sdk::logs::SdkLoggerProvider;
+use opentelemetry_sdk::propagation::TraceContextPropagator;
+use opentelemetry_sdk::trace::BatchSpanProcessor;
+use opentelemetry_sdk::trace::SdkTracerProvider;
+use opentelemetry_sdk::trace::Tracer;
 use opentelemetry_semantic_conventions as semconv;
 use reqwest::Certificate as ReqwestCertificate;
 use reqwest::Identity as ReqwestIdentity;
 use reqwest::header::HeaderMap;
 use reqwest::header::HeaderName;
 use reqwest::header::HeaderValue;
+use std::cell::RefCell;
+use std::collections::HashMap;
 use std::env;
 use std::error::Error;
 use std::fs;
 use std::io::ErrorKind;
 use std::io::{self};
 use std::path::PathBuf;
+use std::sync::OnceLock;
 use std::time::Duration;
 use tonic::metadata::MetadataMap;
 use tonic::transport::Certificate as TonicCertificate;
 use tonic::transport::ClientTlsConfig;
 use tonic::transport::Identity as TonicIdentity;
 use tracing::debug;
+use tracing::level_filters::LevelFilter;
+use tracing::warn;
+use tracing_subscriber::Layer;
+use tracing_subscriber::registry::LookupSpan;
 
 const ENV_ATTRIBUTE: &str = "env";
+const TRACEPARENT_ENV_VAR: &str = "TRACEPARENT";
+const TRACESTATE_ENV_VAR: &str = "TRACESTATE";
+static TRACEPARENT_CONTEXT: OnceLock<Option<Context>> = OnceLock::new();
+
+thread_local! {
+    static TRACEPARENT_GUARD: RefCell<Option<ContextGuard>> = const { RefCell::new(None) };
+}
 
 pub struct OtelProvider {
-    pub logger: SdkLoggerProvider,
+    pub logger: Option<SdkLoggerProvider>,
+    pub tracer_provider: Option<SdkTracerProvider>,
+    pub tracer: Option<Tracer>,
 }
 
 impl OtelProvider {
     pub fn shutdown(&self) {
-        let _ = self.logger.shutdown();
+        if let Some(logger) = &self.logger {
+            let _ = logger.shutdown();
+        }
+        if let Some(tracer_provider) = &self.tracer_provider {
+            let _ = tracer_provider.shutdown();
+        }
     }
 
     pub fn from(settings: &OtelSettings) -> Result<Option<Self>, Box<dyn Error>> {
-        let resource = Resource::builder()
-            .with_service_name(settings.service_name.clone())
-            .with_attributes(vec![
-                KeyValue::new(
-                    semconv::attribute::SERVICE_VERSION,
-                    settings.service_version.clone(),
-                ),
-                KeyValue::new(ENV_ATTRIBUTE, settings.environment.clone()),
-            ])
-            .build();
+        let log_enabled = !matches!(settings.exporter, OtelExporter::None);
+        let trace_enabled = !matches!(settings.trace_exporter, OtelExporter::None);
 
-        let mut builder = SdkLoggerProvider::builder().with_resource(resource);
+        if !log_enabled && !trace_enabled {
+            debug!("No exporter enabled in OTLP settings.");
+            return Ok(None);
+        }
 
-        match &settings.exporter {
-            OtelExporter::None => {
-                debug!("No exporter enabled in OTLP settings.");
-                return Ok(None);
-            }
-            OtelExporter::OtlpGrpc {
-                endpoint,
-                headers,
-                tls,
-            } => {
-                debug!("Using OTLP Grpc exporter: {endpoint}");
+        let resource = make_resource(settings);
+        let logger = log_enabled
+            .then(|| build_logger(&resource, &settings.exporter))
+            .transpose()?;
 
-                let mut header_map = HeaderMap::new();
-                for (key, value) in headers {
-                    if let Ok(name) = HeaderName::from_bytes(key.as_bytes())
-                        && let Ok(val) = HeaderValue::from_str(value)
-                    {
-                        header_map.insert(name, val);
-                    }
-                }
+        let tracer_provider = trace_enabled
+            .then(|| build_tracer_provider(&resource, &settings.trace_exporter))
+            .transpose()?;
 
-                let base_tls_config = ClientTlsConfig::new()
-                    .with_enabled_roots()
-                    .assume_http2(true);
+        let tracer = tracer_provider
+            .as_ref()
+            .map(|provider| provider.tracer(settings.service_name.clone()));
 
-                let tls_config = match tls.as_ref() {
-                    Some(tls) => build_grpc_tls_config(endpoint, base_tls_config, tls)?,
-                    None => base_tls_config,
-                };
-
-                let exporter = LogExporter::builder()
-                    .with_tonic()
-                    .with_endpoint(endpoint)
-                    .with_metadata(MetadataMap::from_headers(header_map))
-                    .with_tls_config(tls_config)
-                    .build()?;
-
-                builder = builder.with_batch_exporter(exporter);
-            }
-            OtelExporter::OtlpHttp {
-                endpoint,
-                headers,
-                protocol,
-                tls,
-            } => {
-                debug!("Using OTLP Http exporter: {endpoint}");
-
-                let protocol = match protocol {
-                    OtelHttpProtocol::Binary => Protocol::HttpBinary,
-                    OtelHttpProtocol::Json => Protocol::HttpJson,
-                };
-
-                let mut exporter_builder = LogExporter::builder()
-                    .with_http()
-                    .with_endpoint(endpoint)
-                    .with_protocol(protocol)
-                    .with_headers(headers.clone());
-
-                if let Some(tls) = tls.as_ref() {
-                    let client = build_http_client(tls)?;
-                    exporter_builder = exporter_builder.with_http_client(client);
-                }
-
-                let exporter = exporter_builder.build()?;
-
-                builder = builder.with_batch_exporter(exporter);
-            }
+        if let Some(provider) = tracer_provider.clone() {
+            let _ = global::set_tracer_provider(provider);
+            global::set_text_map_propagator(TraceContextPropagator::new());
+        }
+        if tracer.is_some() {
+            attach_traceparent_context();
         }
 
         Ok(Some(Self {
-            logger: builder.build(),
+            logger,
+            tracer_provider,
+            tracer,
         }))
     }
+
+    pub fn logger_layer<S>(&self) -> Option<impl Layer<S> + Send + Sync>
+    where
+        S: tracing::Subscriber + for<'span> LookupSpan<'span> + Send + Sync,
+    {
+        self.logger.as_ref().map(|logger| {
+            OpenTelemetryTracingBridge::new(logger).with_filter(
+                tracing_subscriber::filter::filter_fn(OtelProvider::codex_export_filter),
+            )
+        })
+    }
+
+    pub fn tracing_layer<S>(&self) -> Option<impl Layer<S> + Send + Sync>
+    where
+        S: tracing::Subscriber + for<'span> LookupSpan<'span> + Send + Sync,
+    {
+        self.tracer.as_ref().map(|tracer| {
+            tracing_opentelemetry::layer()
+                .with_tracer(tracer.clone())
+                .with_filter(LevelFilter::INFO)
+        })
+    }
+
+    pub fn codex_export_filter(meta: &tracing::Metadata<'_>) -> bool {
+        meta.target().starts_with("codex_otel")
+    }
 }
 
 impl Drop for OtelProvider {
     fn drop(&mut self) {
-        let _ = self.logger.shutdown();
+        if let Some(logger) = &self.logger {
+            let _ = logger.shutdown();
+        }
+        if let Some(tracer_provider) = &self.tracer_provider {
+            let _ = tracer_provider.shutdown();
+        }
     }
 }
 
+pub(crate) fn traceparent_context_from_env() -> Option<Context> {
+    TRACEPARENT_CONTEXT
+        .get_or_init(load_traceparent_context)
+        .clone()
+}
+
+fn attach_traceparent_context() {
+    TRACEPARENT_GUARD.with(|guard| {
+        let mut guard = guard.borrow_mut();
+        if guard.is_some() {
+            return;
+        }
+        if let Some(context) = traceparent_context_from_env() {
+            *guard = Some(context.attach());
+        }
+    });
+}
+
+fn load_traceparent_context() -> Option<Context> {
+    let traceparent = env::var(TRACEPARENT_ENV_VAR).ok()?;
+    let tracestate = env::var(TRACESTATE_ENV_VAR).ok();
+
+    match extract_traceparent_context(traceparent, tracestate) {
+        Some(context) => {
+            debug!("TRACEPARENT detected; continuing trace from parent context");
+            Some(context)
+        }
+        None => {
+            warn!("TRACEPARENT is set but invalid; ignoring trace context");
+            None
+        }
+    }
+}
+
+fn extract_traceparent_context(traceparent: String, tracestate: Option<String>) -> Option<Context> {
+    let mut headers = HashMap::new();
+    headers.insert("traceparent".to_string(), traceparent);
+    if let Some(tracestate) = tracestate {
+        headers.insert("tracestate".to_string(), tracestate);
+    }
+
+    let context = TraceContextPropagator::new().extract(&headers);
+    let span = context.span();
+    let span_context = span.span_context();
+    if !span_context.is_valid() {
+        return None;
+    }
+    Some(context)
+}
+
+fn make_resource(settings: &OtelSettings) -> Resource {
+    Resource::builder()
+        .with_service_name(settings.service_name.clone())
+        .with_attributes(vec![
+            KeyValue::new(
+                semconv::attribute::SERVICE_VERSION,
+                settings.service_version.clone(),
+            ),
+            KeyValue::new(ENV_ATTRIBUTE, settings.environment.clone()),
+        ])
+        .build()
+}
+
+fn build_logger(
+    resource: &Resource,
+    exporter: &OtelExporter,
+) -> Result<SdkLoggerProvider, Box<dyn Error>> {
+    let mut builder = SdkLoggerProvider::builder().with_resource(resource.clone());
+
+    match exporter {
+        OtelExporter::None => return Ok(builder.build()),
+        OtelExporter::OtlpGrpc {
+            endpoint,
+            headers,
+            tls,
+        } => {
+            debug!("Using OTLP Grpc exporter: {endpoint}");
+
+            let header_map = build_header_map(headers);
+
+            let base_tls_config = ClientTlsConfig::new()
+                .with_enabled_roots()
+                .assume_http2(true);
+
+            let tls_config = match tls.as_ref() {
+                Some(tls) => build_grpc_tls_config(endpoint, base_tls_config, tls)?,
+                None => base_tls_config,
+            };
+
+            let exporter = LogExporter::builder()
+                .with_tonic()
+                .with_endpoint(endpoint)
+                .with_metadata(MetadataMap::from_headers(header_map))
+                .with_tls_config(tls_config)
+                .build()?;
+
+            builder = builder.with_batch_exporter(exporter);
+        }
+        OtelExporter::OtlpHttp {
+            endpoint,
+            headers,
+            protocol,
+            tls,
+        } => {
+            debug!("Using OTLP Http exporter: {endpoint}");
+
+            let protocol = match protocol {
+                OtelHttpProtocol::Binary => Protocol::HttpBinary,
+                OtelHttpProtocol::Json => Protocol::HttpJson,
+            };
+
+            let mut exporter_builder = LogExporter::builder()
+                .with_http()
+                .with_endpoint(endpoint)
+                .with_protocol(protocol)
+                .with_headers(headers.clone());
+
+            if let Some(tls) = tls.as_ref() {
+                let client = build_http_client(tls, OTEL_EXPORTER_OTLP_LOGS_TIMEOUT)?;
+                exporter_builder = exporter_builder.with_http_client(client);
+            }
+
+            let exporter = exporter_builder.build()?;
+
+            builder = builder.with_batch_exporter(exporter);
+        }
+    }
+
+    Ok(builder.build())
+}
+
+fn build_tracer_provider(
+    resource: &Resource,
+    exporter: &OtelExporter,
+) -> Result<SdkTracerProvider, Box<dyn Error>> {
+    let span_exporter = match exporter {
+        OtelExporter::None => return Ok(SdkTracerProvider::builder().build()),
+        OtelExporter::OtlpGrpc {
+            endpoint,
+            headers,
+            tls,
+        } => {
+            debug!("Using OTLP Grpc exporter for traces: {endpoint}");
+
+            let header_map = build_header_map(headers);
+
+            let base_tls_config = ClientTlsConfig::new()
+                .with_enabled_roots()
+                .assume_http2(true);
+
+            let tls_config = match tls.as_ref() {
+                Some(tls) => build_grpc_tls_config(endpoint, base_tls_config, tls)?,
+                None => base_tls_config,
+            };
+
+            SpanExporter::builder()
+                .with_tonic()
+                .with_endpoint(endpoint)
+                .with_metadata(MetadataMap::from_headers(header_map))
+                .with_tls_config(tls_config)
+                .build()?
+        }
+        OtelExporter::OtlpHttp {
+            endpoint,
+            headers,
+            protocol,
+            tls,
+        } => {
+            debug!("Using OTLP Http exporter for traces: {endpoint}");
+
+            let protocol = match protocol {
+                OtelHttpProtocol::Binary => Protocol::HttpBinary,
+                OtelHttpProtocol::Json => Protocol::HttpJson,
+            };
+
+            let mut exporter_builder = SpanExporter::builder()
+                .with_http()
+                .with_endpoint(endpoint)
+                .with_protocol(protocol)
+                .with_headers(headers.clone());
+
+            if let Some(tls) = tls.as_ref() {
+                let client = build_http_client(tls, OTEL_EXPORTER_OTLP_TRACES_TIMEOUT)?;
+                exporter_builder = exporter_builder.with_http_client(client);
+            }
+
+            exporter_builder.build()?
+        }
+    };
+
+    let processor = BatchSpanProcessor::builder(span_exporter).build();
+
+    Ok(SdkTracerProvider::builder()
+        .with_resource(resource.clone())
+        .with_span_processor(processor)
+        .build())
+}
+
+fn build_header_map(headers: &HashMap<String, String>) -> HeaderMap {
+    let mut header_map = HeaderMap::new();
+    for (key, value) in headers {
+        if let Ok(name) = HeaderName::from_bytes(key.as_bytes())
+            && let Ok(val) = HeaderValue::from_str(value)
+        {
+            header_map.insert(name, val);
+        }
+    }
+    header_map
+}
+
 fn build_grpc_tls_config(
     endpoint: &str,
     tls_config: ClientTlsConfig,
@@ -182,17 +406,21 @@ fn build_grpc_tls_config(
 /// `opentelemetry_sdk` `BatchLogProcessor` spawns a dedicated OS thread that uses
 /// `futures_executor::block_on()` rather than tokio. When the async reqwest client's
 /// timeout calls `tokio::time::sleep()`, it panics with "no reactor running".
-fn build_http_client(tls: &OtelTlsConfig) -> Result<reqwest::blocking::Client, Box<dyn Error>> {
+fn build_http_client(
+    tls: &OtelTlsConfig,
+    timeout_var: &str,
+) -> Result<reqwest::blocking::Client, Box<dyn Error>> {
     // Wrap in block_in_place because reqwest::blocking::Client creates its own
     // internal tokio runtime, which would panic if built directly from an async context.
-    tokio::task::block_in_place(|| build_http_client_inner(tls))
+    tokio::task::block_in_place(|| build_http_client_inner(tls, timeout_var))
 }
 
 fn build_http_client_inner(
     tls: &OtelTlsConfig,
+    timeout_var: &str,
 ) -> Result<reqwest::blocking::Client, Box<dyn Error>> {
-    let mut builder = reqwest::blocking::Client::builder()
-        .timeout(resolve_otlp_timeout(OTEL_EXPORTER_OTLP_LOGS_TIMEOUT));
+    let mut builder =
+        reqwest::blocking::Client::builder().timeout(resolve_otlp_timeout(timeout_var));
 
     if let Some(path) = tls.ca_certificate.as_ref() {
         let (pem, location) = read_bytes(path)?;
@@ -267,3 +495,32 @@ fn read_bytes(path: &AbsolutePathBuf) -> Result<(Vec<u8>, PathBuf), Box<dyn Erro
 fn config_error(message: impl Into<String>) -> Box<dyn Error> {
     Box::new(io::Error::new(ErrorKind::InvalidData, message.into()))
 }
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use opentelemetry::trace::SpanId;
+    use opentelemetry::trace::TraceContextExt;
+    use opentelemetry::trace::TraceId;
+
+    #[test]
+    fn parses_valid_traceparent() {
+        let trace_id = "00000000000000000000000000000001";
+        let span_id = "0000000000000002";
+        let context = extract_traceparent_context(format!("00-{trace_id}-{span_id}-01"), None)
+            .expect("trace context");
+        let span = context.span();
+        let span_context = span.span_context();
+        assert_eq!(
+            span_context.trace_id(),
+            TraceId::from_hex(trace_id).unwrap()
+        );
+        assert_eq!(span_context.span_id(), SpanId::from_hex(span_id).unwrap());
+        assert!(span_context.is_remote());
+    }
+
+    #[test]
+    fn invalid_traceparent_returns_none() {
+        assert!(extract_traceparent_context("not-a-traceparent".to_string(), None).is_none());
+    }
+}

codex-rs/protocol/Cargo.toml

@@ -13,7 +13,7 @@ workspace = true
 
 [dependencies]
 codex-git = { workspace = true }
-
+codex-utils-absolute-path = { workspace = true }
 codex-utils-image = { workspace = true }
 icu_decimal = { workspace = true }
 icu_locale_core = { workspace = true }

codex-rs/protocol/src/protocol.rs

@@ -23,6 +23,7 @@ use crate::openai_models::ReasoningEffort as ReasoningEffortConfig;
 use crate::parse_command::ParsedCommand;
 use crate::plan_tool::UpdatePlanArgs;
 use crate::user_input::UserInput;
+use codex_utils_absolute_path::AbsolutePathBuf;
 use mcp_types::CallToolResult;
 use mcp_types::RequestId;
 use mcp_types::Resource as McpResource;
@@ -34,6 +35,7 @@ use serde::Serialize;
 use serde_json::Value;
 use serde_with::serde_as;
 use strum_macros::Display;
+use tracing::error;
 use ts_rs::TS;
 
 pub use crate::approvals::ApplyPatchApprovalRequestEvent;
@@ -184,6 +186,15 @@ pub enum Op {
     /// Request the list of available custom prompts.
     ListCustomPrompts,
 
+    /// Request the list of skills for the provided `cwd` values or the session default.
+    ListSkills {
+        /// Working directories to scope repo skills discovery.
+        ///
+        /// When empty, the session default working directory is used.
+        #[serde(default, skip_serializing_if = "Vec::is_empty")]
+        cwds: Vec<PathBuf>,
+    },
+
     /// Request the agent to summarize the current conversation context.
     /// The agent will use its existing context (either conversation history or previous response id)
     /// to generate a summary which will be returned as an AgentMessage event.
@@ -273,7 +284,7 @@ pub enum SandboxPolicy {
         /// Additional folders (beyond cwd and possibly TMPDIR) that should be
         /// writable from within the sandbox.
         #[serde(default, skip_serializing_if = "Vec::is_empty")]
-        writable_roots: Vec<PathBuf>,
+        writable_roots: Vec<AbsolutePathBuf>,
 
         /// When set to `true`, outbound network access is allowed. `false` by
         /// default.
@@ -299,11 +310,9 @@ pub enum SandboxPolicy {
 /// not modified by the agent.
 #[derive(Debug, Clone, PartialEq, Eq, JsonSchema)]
 pub struct WritableRoot {
-    /// Absolute path, by construction.
-    pub root: PathBuf,
+    pub root: AbsolutePathBuf,
 
-    /// Also absolute paths, by construction.
-    pub read_only_subpaths: Vec<PathBuf>,
+    pub read_only_subpaths: Vec<AbsolutePathBuf>,
 }
 
 impl WritableRoot {
@@ -385,16 +394,30 @@ impl SandboxPolicy {
                 network_access: _,
             } => {
                 // Start from explicitly configured writable roots.
-                let mut roots: Vec<PathBuf> = writable_roots.clone();
+                let mut roots: Vec<AbsolutePathBuf> = writable_roots.clone();
 
                 // Always include defaults: cwd, /tmp (if present on Unix), and
                 // on macOS, the per-user TMPDIR unless explicitly excluded.
-                roots.push(cwd.to_path_buf());
+                // TODO(mbolin): cwd param should be AbsolutePathBuf.
+                let cwd_absolute = AbsolutePathBuf::from_absolute_path(cwd);
+                match cwd_absolute {
+                    Ok(cwd) => {
+                        roots.push(cwd);
+                    }
+                    Err(e) => {
+                        error!(
+                            "Ignoring invalid cwd {:?} for sandbox writable root: {}",
+                            cwd, e
+                        );
+                    }
+                }
 
                 // Include /tmp on Unix unless explicitly excluded.
                 if cfg!(unix) && !exclude_slash_tmp {
-                    let slash_tmp = PathBuf::from("/tmp");
-                    if slash_tmp.is_dir() {
+                    #[allow(clippy::expect_used)]
+                    let slash_tmp =
+                        AbsolutePathBuf::from_absolute_path("/tmp").expect("/tmp is absolute");
+                    if slash_tmp.as_path().is_dir() {
                         roots.push(slash_tmp);
                     }
                 }
@@ -411,7 +434,16 @@ impl SandboxPolicy {
                     && let Some(tmpdir) = std::env::var_os("TMPDIR")
                     && !tmpdir.is_empty()
                 {
-                    roots.push(PathBuf::from(tmpdir));
+                    match AbsolutePathBuf::from_absolute_path(PathBuf::from(&tmpdir)) {
+                        Ok(tmpdir_path) => {
+                            roots.push(tmpdir_path);
+                        }
+                        Err(e) => {
+                            error!(
+                                "Ignoring invalid TMPDIR value {tmpdir:?} for sandbox writable root: {e}",
+                            );
+                        }
+                    }
                 }
 
                 // For each root, compute subpaths that should remain read-only.
@@ -419,8 +451,11 @@ impl SandboxPolicy {
                     .into_iter()
                     .map(|writable_root| {
                         let mut subpaths = Vec::new();
-                        let top_level_git = writable_root.join(".git");
-                        if top_level_git.is_dir() {
+                        #[allow(clippy::expect_used)]
+                        let top_level_git = writable_root
+                            .join(".git")
+                            .expect(".git is a valid relative path");
+                        if top_level_git.as_path().is_dir() {
                             subpaths.push(top_level_git);
                         }
                         WritableRoot {
@@ -562,6 +597,9 @@ pub enum EventMsg {
     /// List of custom prompts available to the agent.
     ListCustomPromptsResponse(ListCustomPromptsResponseEvent),
 
+    /// List of skills available to the agent.
+    ListSkillsResponse(ListSkillsResponseEvent),
+
     PlanUpdate(UpdatePlanArgs),
 
     TurnAborted(TurnAbortedEvent),
@@ -1624,11 +1662,26 @@ pub struct ListCustomPromptsResponseEvent {
     pub custom_prompts: Vec<CustomPrompt>,
 }
 
+/// Response payload for `Op::ListSkills`.
 #[derive(Debug, Clone, Deserialize, Serialize, JsonSchema, TS)]
-pub struct SkillInfo {
+pub struct ListSkillsResponseEvent {
+    pub skills: Vec<SkillsListEntry>,
+}
+
+#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize, JsonSchema, TS)]
+#[serde(rename_all = "snake_case")]
+#[ts(rename_all = "snake_case")]
+pub enum SkillScope {
+    User,
+    Repo,
+}
+
+#[derive(Debug, Clone, Deserialize, Serialize, JsonSchema, TS)]
+pub struct SkillMetadata {
     pub name: String,
     pub description: String,
     pub path: PathBuf,
+    pub scope: SkillScope,
 }
 
 #[derive(Debug, Clone, Deserialize, Serialize, JsonSchema, TS)]
@@ -1637,9 +1690,10 @@ pub struct SkillErrorInfo {
     pub message: String,
 }
 
-#[derive(Debug, Clone, Deserialize, Serialize, JsonSchema, TS, Default)]
-pub struct SkillLoadOutcomeInfo {
-    pub skills: Vec<SkillInfo>,
+#[derive(Debug, Clone, Deserialize, Serialize, JsonSchema, TS)]
+pub struct SkillsListEntry {
+    pub cwd: PathBuf,
+    pub skills: Vec<SkillMetadata>,
     pub errors: Vec<SkillErrorInfo>,
 }
 
@@ -1678,9 +1732,6 @@ pub struct SessionConfiguredEvent {
     #[serde(skip_serializing_if = "Option::is_none")]
     pub initial_messages: Option<Vec<EventMsg>>,
 
-    #[serde(skip_serializing_if = "Option::is_none")]
-    pub skill_load_outcome: Option<SkillLoadOutcomeInfo>,
-
     pub rollout_path: PathBuf,
 }
 
@@ -1808,7 +1859,6 @@ mod tests {
                 history_log_id: 0,
                 history_entry_count: 0,
                 initial_messages: None,
-                skill_load_outcome: None,
                 rollout_path: rollout_file.path().to_path_buf(),
             }),
         };

codex-rs/tui/Cargo.toml

@@ -41,6 +41,7 @@ codex-feedback = { workspace = true }
 codex-file-search = { workspace = true }
 codex-login = { workspace = true }
 codex-protocol = { workspace = true }
+codex-utils-absolute-path = { workspace = true }
 color-eyre = { workspace = true }
 crossterm = { workspace = true, features = ["bracketed-paste", "event-stream"] }
 derive_more = { workspace = true, features = ["is_variant"] }
@@ -51,7 +52,6 @@ image = { workspace = true, features = ["jpeg", "png"] }
 itertools = { workspace = true }
 lazy_static = { workspace = true }
 mcp-types = { workspace = true }
-opentelemetry-appender-tracing = { workspace = true }
 pathdiff = { workspace = true }
 pulldown-cmark = { workspace = true }
 rand = { workspace = true }

codex-rs/tui/src/app.rs

@@ -31,9 +31,10 @@ use codex_core::openai_models::model_presets::HIDE_GPT5_1_MIGRATION_PROMPT_CONFI
 use codex_core::openai_models::models_manager::ModelsManager;
 use codex_core::protocol::EventMsg;
 use codex_core::protocol::FinalOutput;
+use codex_core::protocol::ListSkillsResponseEvent;
 use codex_core::protocol::Op;
 use codex_core::protocol::SessionSource;
-use codex_core::protocol::SkillLoadOutcomeInfo;
+use codex_core::protocol::SkillErrorInfo;
 use codex_core::protocol::TokenUsage;
 use codex_core::skills::SkillError;
 use codex_protocol::ConversationId;
@@ -50,6 +51,7 @@ use ratatui::text::Line;
 use ratatui::widgets::Paragraph;
 use ratatui::widgets::Wrap;
 use std::collections::BTreeMap;
+use std::path::Path;
 use std::path::PathBuf;
 use std::sync::Arc;
 use std::sync::atomic::AtomicBool;
@@ -86,9 +88,8 @@ fn session_summary(
     })
 }
 
-fn skill_errors_from_outcome(outcome: &SkillLoadOutcomeInfo) -> Vec<SkillError> {
-    outcome
-        .errors
+fn skill_errors_from_info(errors: &[SkillErrorInfo]) -> Vec<SkillError> {
+    errors
         .iter()
         .map(|err| SkillError {
             path: err.path.clone(),
@@ -97,6 +98,15 @@ fn skill_errors_from_outcome(outcome: &SkillLoadOutcomeInfo) -> Vec<SkillError>
         .collect()
 }
 
+fn errors_for_cwd(cwd: &Path, response: &ListSkillsResponseEvent) -> Vec<SkillErrorInfo> {
+    response
+        .skills
+        .iter()
+        .find(|entry| entry.cwd.as_path() == cwd)
+        .map(|entry| entry.errors.clone())
+        .unwrap_or_default()
+}
+
 #[derive(Debug, Clone, PartialEq, Eq)]
 struct SessionSummary {
     usage_line: String,
@@ -688,11 +698,14 @@ impl App {
                     self.suppress_shutdown_complete = false;
                     return Ok(true);
                 }
-                if let EventMsg::SessionConfigured(cfg) = &event.msg
-                    && let Some(outcome) = cfg.skill_load_outcome.as_ref()
-                    && !outcome.errors.is_empty()
-                {
-                    let errors = skill_errors_from_outcome(outcome);
+                if let EventMsg::ListSkillsResponse(response) = &event.msg {
+                    let cwd = self.chat_widget.config_ref().cwd.clone();
+                    let errors = errors_for_cwd(&cwd, response);
+                    if errors.is_empty() {
+                        self.chat_widget.handle_codex_event(event);
+                        return Ok(true);
+                    }
+                    let errors = skill_errors_from_info(&errors);
                     match run_skill_error_prompt(tui, &errors).await {
                         SkillErrorPromptOutcome::Exit => {
                             self.chat_widget.submit_op(Op::Shutdown);
@@ -1382,7 +1395,6 @@ mod tests {
                 history_log_id: 0,
                 history_entry_count: 0,
                 initial_messages: None,
-                skill_load_outcome: None,
                 rollout_path: PathBuf::new(),
             };
             Arc::new(new_session_info(
@@ -1438,7 +1450,6 @@ mod tests {
             history_log_id: 0,
             history_entry_count: 0,
             initial_messages: None,
-            skill_load_outcome: None,
             rollout_path: PathBuf::new(),
         };
 

codex-rs/tui/src/bottom_pane/chat_composer.rs

@@ -1511,7 +1511,8 @@ impl ChatComposer {
 
         let toggles = matches!(key_event.code, KeyCode::Char('?'))
             && !has_ctrl_or_alt(key_event.modifiers)
-            && self.is_empty();
+            && self.is_empty()
+            && !self.is_in_paste_burst();
 
         if !toggles {
             return false;
@@ -2171,6 +2172,35 @@ mod tests {
         assert_eq!(composer.footer_mode(), FooterMode::ContextOnly);
     }
 
+    #[test]
+    fn question_mark_does_not_toggle_during_paste_burst() {
+        use crossterm::event::KeyCode;
+        use crossterm::event::KeyEvent;
+        use crossterm::event::KeyModifiers;
+
+        let (tx, _rx) = unbounded_channel::<AppEvent>();
+        let sender = AppEventSender::new(tx);
+        let mut composer = ChatComposer::new(
+            true,
+            sender,
+            false,
+            "Ask Codex to do anything".to_string(),
+            false,
+        );
+
+        for ch in ['h', 'i', '?', 't', 'h', 'e', 'r', 'e'] {
+            let _ = composer.handle_key_event(KeyEvent::new(KeyCode::Char(ch), KeyModifiers::NONE));
+        }
+        assert!(composer.is_in_paste_burst());
+        assert_eq!(composer.textarea.text(), "");
+
+        std::thread::sleep(ChatComposer::recommended_paste_flush_delay());
+        let _ = composer.flush_paste_burst_if_due();
+
+        assert_eq!(composer.textarea.text(), "hi?there");
+        assert_ne!(composer.footer_mode, FooterMode::ShortcutOverlay);
+    }
+
     #[test]
     fn shortcut_overlay_persists_while_task_running() {
         use crossterm::event::KeyCode;

codex-rs/tui/src/chatwidget.rs

@@ -33,6 +33,7 @@ use codex_core::protocol::ExecCommandEndEvent;
 use codex_core::protocol::ExecCommandSource;
 use codex_core::protocol::ExitedReviewModeEvent;
 use codex_core::protocol::ListCustomPromptsResponseEvent;
+use codex_core::protocol::ListSkillsResponseEvent;
 use codex_core::protocol::McpListToolsResponseEvent;
 use codex_core::protocol::McpStartupCompleteEvent;
 use codex_core::protocol::McpStartupStatus;
@@ -44,7 +45,7 @@ use codex_core::protocol::PatchApplyBeginEvent;
 use codex_core::protocol::RateLimitSnapshot;
 use codex_core::protocol::ReviewRequest;
 use codex_core::protocol::ReviewTarget;
-use codex_core::protocol::SkillLoadOutcomeInfo;
+use codex_core::protocol::SkillsListEntry;
 use codex_core::protocol::StreamErrorEvent;
 use codex_core::protocol::TaskCompleteEvent;
 use codex_core::protocol::TerminalInteractionEvent;
@@ -117,6 +118,15 @@ use crate::text_formatting::truncate_text;
 use crate::tui::FrameRequester;
 mod interrupts;
 use self::interrupts::InterruptManager;
+
+#[cfg(test)]
+use crate::version::CODEX_CLI_VERSION;
+#[cfg(test)]
+use codex_core::version::VERSION_FILENAME;
+#[cfg(test)]
+use codex_core::version::is_newer;
+#[cfg(test)]
+use codex_core::version::read_version_info;
 mod agent;
 use self::agent::spawn_agent;
 use self::agent::spawn_agent_from_existing;
@@ -392,7 +402,7 @@ impl ChatWidget {
     fn on_session_configured(&mut self, event: codex_core::protocol::SessionConfiguredEvent) {
         self.bottom_pane
             .set_history_metadata(event.history_log_id, event.history_entry_count);
-        self.set_skills_from_outcome(event.skill_load_outcome.as_ref());
+        self.set_skills(None);
         self.conversation_id = Some(event.session_id);
         self.current_rollout_path = Some(event.rollout_path.clone());
         let initial_messages = event.initial_messages.clone();
@@ -409,6 +419,7 @@ impl ChatWidget {
         }
         // Ask codex-core to enumerate custom prompts for this session.
         self.submit_op(Op::ListCustomPrompts);
+        self.submit_op(Op::ListSkills { cwds: Vec::new() });
         if let Some(user_message) = self.initial_user_message.take() {
             self.submit_user_message(user_message);
         }
@@ -417,11 +428,15 @@ impl ChatWidget {
         }
     }
 
-    fn set_skills_from_outcome(&mut self, outcome: Option<&SkillLoadOutcomeInfo>) {
-        let skills = outcome.map(skills_from_outcome);
+    fn set_skills(&mut self, skills: Option<Vec<SkillMetadata>>) {
         self.bottom_pane.set_skills(skills);
     }
 
+    fn set_skills_from_response(&mut self, response: &ListSkillsResponseEvent) {
+        let skills = skills_for_cwd(&self.config.cwd, &response.skills);
+        self.set_skills(Some(skills));
+    }
+
     pub(crate) fn open_feedback_note(
         &mut self,
         category: crate::app_event::FeedbackCategory,
@@ -670,7 +685,45 @@ impl ChatWidget {
         self.model_family.clone()
     }
 
+    fn maybe_append_update_nudge(&self, message: String) -> String {
+        if !self.should_show_update_nudge() {
+            return message;
+        }
+        let nudge = crate::update_action::update_available_nudge();
+        if message.is_empty() {
+            nudge
+        } else {
+            format!("{message}\n{nudge}")
+        }
+    }
+
+    #[cfg(not(debug_assertions))]
+    fn should_show_update_nudge(&self) -> bool {
+        if env!("CARGO_PKG_VERSION") == "0.0.0" {
+            return false;
+        }
+        crate::updates::get_upgrade_version(&self.config).is_some()
+    }
+
+    #[cfg(test)]
+    fn should_show_update_nudge(&self) -> bool {
+        if !self.config.check_for_update_on_startup {
+            return false;
+        }
+        let version_file = self.config.codex_home.join(VERSION_FILENAME);
+        read_version_info(&version_file)
+            .ok()
+            .and_then(|info| is_newer(&info.latest_version, CODEX_CLI_VERSION))
+            .unwrap_or(false)
+    }
+
+    #[cfg(all(debug_assertions, not(test)))]
+    fn should_show_update_nudge(&self) -> bool {
+        false
+    }
+
     fn on_error(&mut self, message: String) {
+        let message = self.maybe_append_update_nudge(message);
         self.finalize_turn();
         self.add_to_history(history_cell::new_error_event(message));
         self.request_redraw();
@@ -949,6 +1002,7 @@ impl ChatWidget {
     }
 
     fn on_stream_error(&mut self, message: String) {
+        let message = self.maybe_append_update_nudge(message);
         if self.retry_status_header.is_none() {
             self.retry_status_header = Some(self.current_status_header.clone());
         }
@@ -1879,6 +1933,7 @@ impl ChatWidget {
             EventMsg::GetHistoryEntryResponse(ev) => self.on_get_history_entry_response(ev),
             EventMsg::McpListToolsResponse(ev) => self.on_list_mcp_tools(ev),
             EventMsg::ListCustomPromptsResponse(ev) => self.on_list_custom_prompts(ev),
+            EventMsg::ListSkillsResponse(ev) => self.on_list_skills(ev),
             EventMsg::ShutdownComplete => self.on_shutdown_complete(),
             EventMsg::TurnDiff(TurnDiffEvent { unified_diff }) => self.on_turn_diff(unified_diff),
             EventMsg::DeprecationNotice(ev) => self.on_deprecation_notice(ev),
@@ -3092,6 +3147,10 @@ impl ChatWidget {
         self.bottom_pane.set_custom_prompts(ev.custom_prompts);
     }
 
+    fn on_list_skills(&mut self, ev: ListSkillsResponseEvent) {
+        self.set_skills_from_response(&ev);
+    }
+
     pub(crate) fn open_review_popup(&mut self) {
         let mut items: Vec<SelectionItem> = Vec::new();
 
@@ -3476,16 +3535,23 @@ pub(crate) fn show_review_commit_picker_with_entries(
     });
 }
 
-fn skills_from_outcome(outcome: &SkillLoadOutcomeInfo) -> Vec<SkillMetadata> {
-    outcome
-        .skills
+fn skills_for_cwd(cwd: &Path, skills_entries: &[SkillsListEntry]) -> Vec<SkillMetadata> {
+    skills_entries
         .iter()
-        .map(|skill| SkillMetadata {
-            name: skill.name.clone(),
-            description: skill.description.clone(),
-            path: skill.path.clone(),
+        .find(|entry| entry.cwd.as_path() == cwd)
+        .map(|entry| {
+            entry
+                .skills
+                .iter()
+                .map(|skill| SkillMetadata {
+                    name: skill.name.clone(),
+                    description: skill.description.clone(),
+                    path: skill.path.clone(),
+                    scope: skill.scope,
+                })
+                .collect()
         })
-        .collect()
+        .unwrap_or_default()
 }
 
 fn find_skill_mentions(text: &str, skills: &[SkillMetadata]) -> Vec<SkillMetadata> {

codex-rs/tui/src/chatwidget/snapshots/codex_tui__chatwidget__tests__error_event_history.snap

@@ -0,0 +1,6 @@
+---
+source: tui/src/chatwidget/tests.rs
+expression: last
+---
+■ Something failed.
+Update available. See https://github.com/openai/codex for installation options.

codex-rs/tui/src/chatwidget/snapshots/codex_tui__chatwidget__tests__stream_error_status_header.snap

@@ -0,0 +1,6 @@
+---
+source: tui/src/chatwidget/tests.rs
+expression: status.header()
+---
+Reconnecting... 2/5
+Update available. See https://github.com/openai/codex for installation options.

codex-rs/tui/src/chatwidget/tests.rs

@@ -4,6 +4,7 @@ use crate::app_event_sender::AppEventSender;
 use crate::test_backend::VT100Backend;
 use crate::tui::FrameRequester;
 use assert_matches::assert_matches;
+use chrono::Utc;
 use codex_common::approval_presets::builtin_approval_presets;
 use codex_core::AuthManager;
 use codex_core::CodexAuth;
@@ -18,6 +19,7 @@ use codex_core::protocol::AgentReasoningEvent;
 use codex_core::protocol::ApplyPatchApprovalRequestEvent;
 use codex_core::protocol::BackgroundEventEvent;
 use codex_core::protocol::CreditsSnapshot;
+use codex_core::protocol::ErrorEvent;
 use codex_core::protocol::Event;
 use codex_core::protocol::EventMsg;
 use codex_core::protocol::ExecApprovalRequestEvent;
@@ -49,6 +51,8 @@ use codex_core::protocol::UndoCompletedEvent;
 use codex_core::protocol::UndoStartedEvent;
 use codex_core::protocol::ViewImageToolCallEvent;
 use codex_core::protocol::WarningEvent;
+use codex_core::version::VERSION_FILENAME;
+use codex_core::version::VersionInfo;
 use codex_protocol::ConversationId;
 use codex_protocol::account::PlanType;
 use codex_protocol::openai_models::ModelPreset;
@@ -58,11 +62,13 @@ use codex_protocol::plan_tool::PlanItemArg;
 use codex_protocol::plan_tool::StepStatus;
 use codex_protocol::plan_tool::UpdatePlanArgs;
 use codex_protocol::protocol::CodexErrorInfo;
+use codex_utils_absolute_path::AbsolutePathBuf;
 use crossterm::event::KeyCode;
 use crossterm::event::KeyEvent;
 use crossterm::event::KeyModifiers;
 use insta::assert_snapshot;
 use pretty_assertions::assert_eq;
+use serde_json;
 use std::collections::HashSet;
 use std::path::PathBuf;
 use tempfile::NamedTempFile;
@@ -124,7 +130,6 @@ fn resumed_initial_messages_render_history() {
                 message: "assistant reply".to_string(),
             }),
         ]),
-        skill_load_outcome: None,
         rollout_path: rollout_file.path().to_path_buf(),
     };
 
@@ -492,6 +497,24 @@ fn lines_to_single_string(lines: &[ratatui::text::Line<'static>]) -> String {
     s
 }
 
+fn set_update_available(config: &mut Config) -> tempfile::TempDir {
+    let codex_home = tempdir().expect("tempdir");
+    config.codex_home = codex_home.path().to_path_buf();
+    config.check_for_update_on_startup = true;
+    let info = VersionInfo {
+        latest_version: "9999.0.0".to_string(),
+        last_checked_at: Utc::now(),
+        dismissed_version: None,
+    };
+    let json_line = format!(
+        "{}\n",
+        serde_json::to_string(&info).expect("serialize version info")
+    );
+    std::fs::write(codex_home.path().join(VERSION_FILENAME), json_line)
+        .expect("write version info");
+    codex_home
+}
+
 fn make_token_info(total_tokens: i64, context_window: i64) -> TokenUsageInfo {
     fn usage(total_tokens: i64) -> TokenUsage {
         TokenUsage {
@@ -1807,7 +1830,7 @@ fn preset_matching_ignores_extra_writable_roots() {
         .find(|p| p.id == "auto")
         .expect("auto preset exists");
     let current_sandbox = SandboxPolicy::WorkspaceWrite {
-        writable_roots: vec![PathBuf::from("C:\\extra")],
+        writable_roots: vec![AbsolutePathBuf::try_from("C:\\extra").unwrap()],
         network_access: false,
         exclude_tmpdir_env_var: false,
         exclude_slash_tmp: false,
@@ -2924,6 +2947,7 @@ fn plan_update_renders_history_cell() {
 #[test]
 fn stream_error_updates_status_indicator() {
     let (mut chat, mut rx, _op_rx) = make_chatwidget_manual(None);
+    let _tempdir = set_update_available(&mut chat.config);
     chat.bottom_pane.set_task_running(true);
     let msg = "Reconnecting... 2/5";
     chat.handle_codex_event(Event {
@@ -2943,7 +2967,10 @@ fn stream_error_updates_status_indicator() {
         .bottom_pane
         .status_widget()
         .expect("status indicator should be visible");
-    assert_eq!(status.header(), msg);
+    let nudge = crate::update_action::update_available_nudge();
+    let expected = format!("{msg}\n{nudge}");
+    assert_eq!(status.header(), expected);
+    assert_snapshot!("stream_error_status_header", status.header());
 }
 
 #[test]
@@ -2965,6 +2992,23 @@ fn warning_event_adds_warning_history_cell() {
     );
 }
 
+#[test]
+fn error_event_renders_history_snapshot() {
+    let (mut chat, mut rx, _op_rx) = make_chatwidget_manual(None);
+    let _tempdir = set_update_available(&mut chat.config);
+    chat.handle_codex_event(Event {
+        id: "sub-1".into(),
+        msg: EventMsg::Error(ErrorEvent {
+            message: "Something failed.".to_string(),
+            codex_error_info: Some(CodexErrorInfo::Other),
+        }),
+    });
+
+    let cells = drain_insert_history(&mut rx);
+    let last = lines_to_single_string(cells.last().expect("error history cell"));
+    assert_snapshot!("error_event_history", last);
+}
+
 #[test]
 fn stream_recovery_restores_previous_status_header() {
     let (mut chat, mut rx, _op_rx) = make_chatwidget_manual(None);