OpenAI has released a Codex Chrome extension for Mac and PC, designed to simplify browser-based tasks that were previously hard to manage through APIs or plugins. This launch reflects a broader pattern: since the introduction of “Computer Use,” most users have preferred working within a browser, enabling Codex to handle a wider range of web-based activities more effectively.
What the Extension Actually Does
Prior to this update, Codex could use an in-app browser — a self-contained browser environment within the Codex desktop app — along with a growing set of plugins for platforms like GitHub, Slack, Figma, and Notion. The new Chrome extension addresses a limitation those tools couldn’t overcome: tasks that depend on your actual, authenticated browser session.
With the Codex Chrome extension, Codex can now leverage your real Chrome browser for actions that require your logged-in state. It’s meant for scenarios where Codex needs to access or interact with sites such as LinkedIn, Salesforce, Gmail, or internal company tools. For everything else — like local development servers, file-based previews, and public pages that don’t need authentication — you can keep using the in-app browser, which keeps preview and verification tasks within Codex without affecting your Chrome profile.
Codex now works across three different tool tiers depending on the task: plugins when a dedicated integration exists, Chrome when it needs your logged-in browser context, and the in-app browser for localhost. The agent picks the right tier on its own, though you can also explicitly call Chrome in a prompt using the @Chrome mention syntax — for example: @Chrome open Salesforce and update the account from these call notes. If Chrome isn’t already running, Codex can launch it.
On the functionality side, the plugin’s new browser-based features include testing web apps, gathering context from across open tabs, and using Chrome DevTools in parallel while you work on other things. Importantly, Codex operates within task-specific tab groups, so it can collect information and take actions without disrupting your active browsing session.
How to Install and Use the Codex Chrome Extension
Quick Start Guide
Installing and Using the Codex Chrome Extension
Five steps to link Codex with your signed-in browser. Compatible with macOS and Windows. Not yet available in the EU or UK.
Download the extension from the Chrome Web Store
Launch Chrome and navigate to the Codex listing in the Chrome Web Store. Select Add to Desktop and confirm the prompt that appears.
⚠ Codex does not currently support other Chromium-based browsers such as Brave, Edge, or Arc.
Add the Chrome plugin within the Codex app
Launch the Codex desktop app and go to Plugins. Locate the Chrome plugin and click Add. Codex will guide you through the setup process.
Codex App
›
Plugins
›
Chrome
›
Add
Chrome
Allow Codex to use your signed-in browser
Add
Grant Chrome permissions and verify “Connected” status
Chrome will prompt you to accept a set of extension permissions. Once approved, open Chrome and check that the Codex extension displays Connected in the toolbar.
Permissions requested by the extension
Extension status in Chrome toolbar
These permissions enable the extension to carry out browser workflows. Codex still enforces its own per-site confirmation prompts and allowlist/blocklist on top of these Chrome permissions.
Start a new Codex thread and call Chrome
Create a new thread in Codex. You can let Codex automatically select the appropriate tool, or directly invoke Chrome using the @Chrome mention. Codex will launch Chrome if it isn’t already open.
@Chrome open
Salesforce and update the account from these call notes.
You can also describe the task in plain language — Codex will automatically choose Chrome whenever the task involves a signed-in website.
Review and approve site access when prompted
By default, Codex requests permission before interacting with each new website host. You’ll see three options each time it asks. Set up a permanent allowlist and blocklist in Computer Use settings.
Codex is requesting access to salesforce.com
Allow this chat
Always allow host
Decline
Example: Codex working in Chrome
@Chrome Go to my LinkedIn notifications, summarize any messages from recruiters, and draft a short reply to each.
Opening Chrome · Requesting access to linkedin.com
Working in tab group · Your active tabs are unaffected
Sara H. — Eng Manager role
Draft ready
James K. — ML Lead, Series B
Draft ready
Priya M. — Staff Engineer
Draft ready
Task complete · Pages kept open for review
Codex tab group in Chrome
LinkedIn — Inbox
Message · Sara H.
+2 more
Before you get started — three key things to know
Treat page content as untrusted. Malicious pages can embed hidden instructions designed to manipulate Codex’s behavior (prompt injection). Always review websites before granting access.
Memories setting affects browser tasks. If Memories is enabled, Codex can draw on previously stored context during Chrome tasks. Disable Memories for fully isolated sessions.
File uploads require an extra setting. Navigate to Chrome Extensions › Codex › Details and enable Allow access to file URLs if any task involves uploading a local file.
Permission Model and Security Considerations
The Codex Chrome extension requires broad browser permissions—including access to your history, bookmarks, and page data—to operate as an integrated AI agent. To reduce security risks, OpenAI has added a per-site confirmation layer that requests permission before Codex interacts with a new domain. Users can manage these permissions through an allowlist or blocklist, though certain features like browser history access carry higher risk and require manual approval for each session.
Beyond standard permissions, developers should be aware of prompt injection, where malicious website content could potentially override Codex’s instructions. To protect data privacy, OpenAI only stores browser activity when it is explicitly added to a chat’s context, such as through screenshots or text summaries. For maximum isolation, turning off the Memories feature ensures that browser-based tasks remain free from previous session data or user preferences.
Check out the Chrome Extension and Full Docs. Also, feel free to follow us on Twitter and don’t forget to join our 150k+ ML SubReddit and subscribe to our Newsletter. Wait! Are you on Telegram? Now you can join us on Telegram as well.
Need to partner with us for promoting your GitHub Repo OR Hugging Face Page OR Product Release OR Webinar etc.? Connect with us
