Trusted directory checks in Codex can block exec runs started from arbitrary folders, which commonly happens when a command is launched from a scratch directory or an unversioned workspace.
The Codex CLI treats a Git repository as its trust boundary and context root, allowing prompts and diffs to be anchored to a known project directory instead of the current filesystem location.
Pointing the run at a repository directory preserves the safety check. Using --skip-git-repo-check should be limited to disposable tasks because it removes guardrails meant to prevent execution against unintended paths.
Related: How to set Codex working directory
Steps to fix Codex trusted directory errors:
- Identify the repository root for the task.
$ git rev-parse --show-toplevel /home/user/projects/example-repo
Use the repo root that contains the files you want Codex to read or edit.
- Run Codex with a working directory that is a Git repository.
$ codex exec -C /home/user/projects/example-repo "Return OK." OK
-C runs codex exec from the specified repository without changing the current shell directory.
- Run Codex with the Git repo check disabled when no repo is available.
$ codex exec --skip-git-repo-check "Return OK." OK
Skipping the repository check removes the trusted-directory safeguard, so accidental reads/writes in the wrong folder become easier.
- Re-run the original prompt once the trusted directory setting is corrected.
$ codex exec "Return OK." OK
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.
