OpenAI Codex Operates on Locked macOS Machines

MacRumors reports that an OpenAI Developers post says the Computer Use capability is now live for the Codex desktop app on macOS, enabling users to send tasks remotely and have Codex operate permitted desktop apps "even when the screen is off and locked" (MacRumors; OpenAI Developers documentation). OpenAI's developer documentation details setup steps: install the Computer Use plugin and grant Screen Recording and Accessibility permissions when macOS prompts you (OpenAI Developers documentation). The docs and MacRumors state Codex prompts for permission before operating each new app and supports marking apps as "Always allow." The launch is limited at first, with availability excluded in the European Economic Area, the United Kingdom, and Switzerland, per MacRumors and OpenAI's release notes. MacRumors reports technical limits: Codex cannot automate Terminal apps, interact with Codex itself, or bypass system-level admin prompts.

The OpenAI documentation frames Computer Use at a desktop-automation level: it relies on macOS permission surfaces (Screen Recording to see UI, Accessibility to simulate input) and is intended for GUI-dependent flows that lack structured integrations. The docs list example use-cases including testing a macOS app, reproducing GUI-only bugs, changing app settings through the UI, and running workflows that span multiple apps (OpenAI Developers documentation). MacStories reports that Codex's implementation uses parallel cursors that do not necessarily bring apps to the foreground, and that the feature traces its lineage to the Sky app and team that joined OpenAI, which MacStories says contributed to the current performance profile.

For practitioners: desktop-level agents that operate while a machine is locked change the operational surface for automation and testing. Companies building developer tools, QA workflows, or cross-app integrations may find this useful for reproducing GUI-only failures or automating manual flows that previously required screen time. Industry observers also routinely flag privacy and security trade-offs when an agent is granted Screen Recording and Accessibility rights; these are platform-level privileges macOS exposes and they elevate the need for scoped permissioning, audit logs, and careful app whitelisting. MacRumors and OpenAI's docs explicitly call out scoped usage and permission prompts, which aligns with common platform guidance to minimize broad access.

OpenAI's release extends Codex from code-completion and API-driven tasks into a broader desktop agent role, where GUI interaction complements command-line or plugin-based automation. MacStories' testing-based praise, including the claim that this is the "best computer use feature I have ever tested", suggests performance and UX improvements relative to prior products in this niche, according to that outlet. At the same time, the regional restrictions at launch and the explicit exclusions for Terminal and admin prompts may shape early adoption patterns.

For practitioners: watch for:

• •expansion of regional availability and any differences in feature scope by jurisdiction
• •signals about enterprise-focused controls such as auditability, session logging, or limited timers for background tasks
• •third-party security reviews or CVE reports tied to agents using Screen Recording/Accessibility. Observers will also track how plugins or MCP servers are used to reduce direct GUI automation when more robust integrations exist, as OpenAI's docs recommend preferring dedicated plugins where available (OpenAI Developers documentation)