How Codex’s Remote Computer Use Lets AI Control macOS Apps (Even When the Mac Is Locked)
OpenAI’s Codex app now supports Remote Computer Use, letting the AI operate macOS apps in the background—even after the Mac locks—once users install the Computer Use plugin and grant Screen Recording and Accessibility... The feature works through the Codex desktop app with optional mobile control, enabling tasks lik...
How does OpenAI’s new “Remote Computer Use” feature in the Codex desktop app (released May 21) allow the AI agent to control macOS applicatiOpenAI’s Codex desktop app can automate macOS apps through its Computer Use capability and continue running tasks even after the Mac locks.
AI Prompt
Create a landscape editorial hero image for this Studio Global article: How does OpenAI’s new “Remote Computer Use” feature in the Codex desktop app (released May 21) allow the AI agent to control macOS applicati. Article summary: OpenAI says Codex’s new Computer Use capability lets the agent “see and operate graphical applications,” and the app also supports enabling remote access for a host device through a setup flow in the Codex app, but the e. Topic tags: general, documentation, general web. Reference image context from search candidates: Reference image 1: visual subject "# Codex can now control other desktop devices via Computer Use. OpenAI is developing Computer Use for Codex remote control that could work even when a laptop is locked or asleep; C" source context "Codex can now control other desktop devices via Computer Use" Reference image 2: visual subject "Codex Can Now Contro
openai.com
OpenAI’s latest Codex desktop update introduced Remote Computer Use, a capability that allows an AI agent to operate macOS applications—even after the Mac locks and the display turns off. The feature is part of a broader push to make Codex function as a persistent developer agent that can interact with real software environments instead of just responding to prompts.
The documentation confirms the feature exists and explains how to enable it, but OpenAI has not publicly disclosed the exact technical method that lets the agent keep controlling apps when the screen is locked. What is known comes from developer documentation and release notes describing the setup process, permissions, and security controls.
What “Computer Use” Actually Does
Codex’s Computer Use capability allows the AI agent to interact with graphical macOS applications the way a human would—by observing the interface and performing actions such as clicking buttons, typing into fields, and navigating menus.
Instead of relying only on APIs or command‑line tools, the system can operate the graphical user interface directly. That means it can automate tasks inside desktop apps, run browser workflows, test GUI software, or adjust application settings that aren’t exposed through other integrations.
Studio Global AI
Search, cite, and publish your own answer
Use this topic as a starting point for a fresh source-backed answer, then compare citations before you share it.
What is the short answer to "How Codex’s Remote Computer Use Lets AI Control macOS Apps (Even When the Mac Is Locked)"?
OpenAI’s Codex app now supports Remote Computer Use, letting the AI operate macOS apps in the background—even after the Mac locks—once users install the Computer Use plugin and grant Screen Recording and Accessibility...
What are the key points to validate first?
OpenAI’s Codex app now supports Remote Computer Use, letting the AI operate macOS apps in the background—even after the Mac locks—once users install the Computer Use plugin and grant Screen Recording and Accessibility... The feature works through the Codex desktop app with optional mobile control, enabling tasks like GUI automation, app testing, and workflow execution directly on a Mac.
What should I do next in practice?
Security protections include sandboxing, approval gates, disabled by default network access, and explicit macOS permission prompts, with the feature currently unavailable in the EEA, UK, and Switzerland.
Reports describing the feature explain that the agent perceives the desktop visually and performs actions such as cursor movements, clicks, and keystrokes while running in the background.
Remote Computer Use After the Mac Locks
A major change in the May 21 update is that Codex can continue using macOS applications even after the Mac locks, and it can be controlled remotely from a connected mobile device through Codex Mobile.
Earlier versions of AI “computer use” systems typically required:
The computer to remain unlocked
The screen to stay on
The agent to observe the live display
The new feature removes that limitation. Release notes state that Codex can continue using desktop apps after the Mac locks, enabling longer-running automated tasks or remote control workflows.
However, the specific technical mechanism that makes this possible has not been publicly documented. The available sources confirm the capability but do not describe how macOS input and visual access are maintained when the display is off.
How to Enable Remote Computer Use in the Codex App
Users enable the feature through the Codex desktop app setup flow.
1. Install the Computer Use plugin
Inside the Codex app:
Open Settings (Cmd + ,)
Navigate to Computer Use
Click Install to install the Computer Use plugin.
2. Grant macOS permissions
During setup, macOS will request system-level permissions. Users must approve:
Screen Recording – allows Codex to view application interfaces
Accessibility – allows Codex to control UI elements such as clicks and typing.
These permissions are required because the agent interacts with the graphical interface directly.
3. Configure remote access to the host machine
To allow remote control from another device:
Start the setup flow in the Codex app on the host Mac
Choose the option to connect a mobile device
Scan the displayed QR code using the ChatGPT mobile app to complete pairing.
Once connected, users can start, steer, and review Codex tasks remotely from their phone while the host Mac runs the automation.
Security Safeguards Built Into Codex
Because an AI agent controlling a computer carries obvious risks, OpenAI added several layers of protection.
Sandbox restrictions
Codex runs within an OS-enforced sandbox that limits what it can access locally, typically restricting actions to the current workspace or permitted environment.
Approval policies
An approval policy determines when the agent must stop and request user permission before continuing. This allows routine operations to proceed automatically while higher-risk actions require human confirmation.
Network access disabled by default
By default, Codex runs without network access enabled, reducing the chance of unintended external connections during automated tasks.
Explicit app permissions
The system also relies on macOS permission prompts—such as Screen Recording and Accessibility access—to ensure the user explicitly authorizes interface control.
Additionally, some implementations require users to approve each new application before Codex can interact with it.
Regional Availability Restrictions
At launch, Computer Use in the Codex app is limited to macOS and is not available in several regions.
OpenAI documentation states the feature is unavailable in:
The European Economic Area (EEA)
The United Kingdom
Switzerland.
The company has not publicly provided a detailed explanation for these restrictions, though regulatory and compliance considerations are often factors in early feature rollouts.
Other Features Announced Alongside Remote Computer Use
The same update introduced several additional capabilities that expand Codex beyond simple coding assistance.
Goal Mode
Goal Mode allows Codex to pursue a persistent objective over long periods, potentially running for hours or days until the task completes or requires approval. Users start it with the /goal command in the Codex interface.
Appshots
Appshots provide a fast way to give Codex context from another application. Pressing both Command keys captures the active window and sends:
A screenshot of the window
Extracted text from the interface
This lets Codex understand what is happening in another app without manual copying or explanation.
What Remains Unclear
Despite the feature’s capabilities, several details remain undocumented publicly:
The precise technical method that allows Codex to control macOS apps when the Mac is locked or the display is off
The internal architecture used to maintain visual context and input control in that state
Detailed enterprise risk analyses from third‑party security researchers
The available documentation confirms the functionality and setup process but does not fully explain the underlying system design.
Why Remote Computer Use Matters
The feature signals a shift toward persistent AI agents that operate directly inside real computing environments. Instead of giving instructions and waiting for results, users can let an AI run software, test interfaces, and automate workflows continuously in the background.
If widely adopted, capabilities like Remote Computer Use could blur the line between traditional automation tools and autonomous software agents—especially as features like Goal Mode allow Codex to pursue tasks over long time horizons.
Comments
0 comments