OpenAI Codex lands in Chrome

Browser automation is the point of this story — not just “AI in Chrome.” OpenAI has given Codex a Chrome extension that plugs the coding agent into your actual browsing session, with your logged-in state intact. That sounds incremental, but it changes what the agent can touch. Instead of staying in a cloud sandbox or a fake browser, Codex can now work where a lot of real software work actually happens — inside tabs, dashboards, admin panels, and web apps people already use every day. ### What actually launched? OpenAI launched the Codex Chrome extension on May 7, 2026. It connects Chrome to the Codex app on Windows and macOS, and it’s meant for jobs that need your signed-in browser state rather than a generic web session. OpenAI’s own examples are very concrete: Gmail, Salesforce, LinkedIn, and internal tools. That’s the tell. This is not just for browsing docs or clicking around localhost. It is for authenticated work. (developers.openai.com) ### Why is Chrome the important part? Because the browser is where the messy stuff lives. APIs cover some workflows, and OpenAI already has plugins for many services, but a huge amount of work still happens inside full web apps with custom interfaces, odd approval flows, and company-specific dashboards. The Chrome extension gives Codex access to that layer without forcing it to control the whole desktop one visual step at a time. The New Stack’s demo writeup gets at the distinction — this is more direct than the old screenshot-and-mouse loop. (developers.openai.com) ### What can Codex do there? It can read pages, move across multiple tabs, and act inside tab groups tied to a Codex thread. OpenAI says Codex can suggest Chrome when a task needs a signed-in site, and users can invoke it directly in prompts. The extension also lets Codex switch tools depending on the job — plugin when there’s a clean integration, in-app browser for localhost, Chrome when the task needs the real logged-in web. Basically, Codex is becoming a router for software work, not just a code generator. (thenewstack.io) ### Why does that feel like a bigger jump? Because it collapses the gap between “assistant” and “operator.” Earlier Codex updates already added computer use, in-app browsing, memory, scheduling, and a pile of plugins. OpenAI framed that April update as a push beyond coding into ongoing work across tools and apps. The Chrome extension is the next logical step — but also the riskiest one — because browsers hold sessions, identities, internal URLs, and the little bits of business process that never got formal integrations. (developers.openai.com) ### What are the guardrails? OpenAI is pretty explicit here. By default, Codex asks before interacting with each new website. Users can allow a site for one chat, always allow a host, or block it. There’s also an allowlist and blocklist, plus warnings around “always allow browser content” and browser history access. The big caution is simple: page content is untrusted context. If Codex reads something malicious or misleading, that information can shape what it does next. (openai.com) That is the same prompt-injection problem people have worried about in agentic systems, now sitting inside your real browser. ### How big is Codex now? OpenAI said in early April that Codex was serving more than 3 million developers weekly. By April 21, it said that number had grown to more than 4 million in just two weeks. That matters less as a brag than as a clue. OpenAI is not treating Codex as a niche coding sidecar anymore. It is scaling it into an enterprise platform, with Codex Labs and partnerships with firms like Accenture, Capgemini, Infosys, PwC, and TCS to push deployment inside large organizations. (developers.openai.com) ### What about phone control? That part looks real, but not fully launched. Recent Android app strings point to remote connection features for Codex sessions running on a desktop, with prompts about reconnecting to a Codex desktop session under the same account. So the direction is clear — start work on a computer, supervise or steer it from a phone — but the evidence right now points to in-progress support rather than a finished public rollout. (openai.com) ### Bottom line? The useful version of AI coding was never just “write me a function.” It was “go finish the task that spans code, browser tabs, internal tools, and approvals.” Chrome gets Codex much closer to that. But the catch is brutal and obvious — the closer an agent gets to your real workflows, the less room there is for vague permissions, sloppy context handling, or blind trust. (androidauthority.com)