Your Next App Builds Itself

Codex Sites represents a fundamental shift from rapid, single-prompt generators like Replit or lovable. While those platforms excel at quickly spinning up an editor, database, and server from a single command, Codex Sites demands a different investment from its users. It prioritizes long-term autonomy over immediate setup simplicity.

This platform trades the convenience of one-prompt deployment for the power of self-updating products. Builders must initially prompt in core infrastructure components such as authentication, databases, payments, email services, analytics, and a secrets vault. This upfront work establishes a robust foundation for an agent-operated application.

The true value of Codex Sites emerges post-launch, as it updates apps autonomously. This capability means a deployed product can evolve and improve without constant manual intervention, driven by AI agents within the Codex ecosystem. The system keeps operating and enhancing the product on its live URL.

Codex Sites specifically targets builders already deeply invested in the Codex ecosystem. These users leverage the platform not for quick demos, but for creating sophisticated products that AI agents will continuously manage and operate. The payoff is an application that truly builds itself, evolving dynamically over time.

The 'startup ideas OS' example demonstrates the foundational steps. Builders initiate the process with a six prompts workflow, starting by instructing Codex Sites to "build the shell." This establishes the basic application interface. The second prompt then integrates persistent storage, or "memory," ensuring the application retains data across sessions and interactions.

Adding memory is critical, and the process mandates prompting for the data model upfront. For the 'startup ideas OS,' this meant specifying Cloudflare D1 and defining a clear structure for "ideas" records, including fields like buyer, pain, proof, and score. This early data model definition is crucial for establishing the application's underlying architecture and ensuring consistency.

Unlike one-prompt solutions such as Replit or lovable, Codex Sites does not bundle every essential service by default. Users must explicitly prompt for critical functionalities. These include: - Authentication (auth) - Databases - Payments - Email sending - Analytics - Secrets vault This approach provides granular control but requires a more hands-on setup for a complete production-ready application.

Agentic control for your application hinges on safe actions, a core mechanism that defines an AI’s operational boundaries. These approved functions and named mutations allow the agent to call specific, sanctioned methods, ensuring all edits and updates, like those to the startup ideas OS, occur within secure, predefined parameters. This prevents unintended operations, channeling AI interactions into secure pathways.

Next, skills function as reusable instruction manuals, teaching the agent complex, multi-step tasks. For the startup ideas board, a skill might instruct the AI on how to read the board, add new ideas, move cards between columns, or score entries. These skills encapsulate intricate sequences, often complete with five example commands, streamlining future autonomous operations.

The workflow begins by prompting the AI to identify precisely which safe actions and skills it requires, directly informed by the app's intended functionality. For the startup ideas board, this involves asking Codex what mutations are essential for data manipulation and what operational sequences are needed to manage ideas effectively. This iterative prompting guides the AI in defining its own comprehensive toolkit for autonomous operation. For further reading on this paradigm, see Codex for every role, tool, and workflow | OpenAI.

Development on Codex Sites incorporates a critical save-gate mechanism. This isn't just saving progress; it establishes deliberate checkpoints, akin to video game save points, ensuring stability. Builders explicitly command Codex to "save as V1 review," effectively freezing the current application state for thorough validation of the build, chosen persistent storage, and access settings prior to live deployment. This disciplined approach prevents unverified changes from reaching production.

Following a successful save-gate, the next vital phase involves proving the loop. This step rigorously demonstrates the AI agent's capacity for autonomous operation post-deployment. After publishing, the agent must successfully execute tasks from a fresh chat, confirming its ability to manage and interact with the live application without further direct human oversight. For the "startup ideas OS" example, this validates that weekly automations can independently add new concepts to the board.

Ultimately, Codex Sites delivers a profound shift: the real unlock is a live, operational application that manages itself autonomously. Once deployed, Codex takes charge, overseeing and updating the product on its own schedule. This capability transforms app development from a series of static builds into a continuous, agent-driven process, where the software evolves and maintains itself dynamically in response to ongoing needs.

What is Codex Sites?

Codex Sites is a feature within OpenAI's Codex that allows users to build web applications which can be autonomously updated and operated by an AI agent after they are published.

How does Codex Sites differ from tools like Replit or Lovable?

While tools like Replit are optimized for one-prompt app generation with bundled features, Codex Sites focuses on creating self-updating, autonomous products for users already in the Codex ecosystem. It trades some initial simplicity for long-term AI operation.

What are 'safe actions' in Codex Sites?

Safe actions are pre-approved functions or mutations that an AI agent is allowed to call. They act as guardrails, ensuring the agent can modify the app's data and state only in specific, developer-defined ways.

Can I deploy a public-facing website with Codex Sites?

Currently, Codex Sites are primarily for building internal tools shared with a team. Public deploys and custom domains are expected features but were not available at the time of the original tutorial.