Codex CLI 0.107.0: The March 2 Release That Changes How Teams Run Sub-Agents

The highest-signal Codex update for today is not a new model launch. It is a runtime release.

On March 2, 2026, OpenAI shipped Codex CLI 0.107.0 in the official Codex changelog and GitHub release stream. For teams running real agent workflows, this release adds meaningful control surfaces:

• branch a thread into sub-agents without leaving the current conversation
• configure memories and hard-reset memory state
• return multimodal output from custom tools
• expose richer model availability and upgrade metadata through app-server
• tighten sandbox and escalation behavior in edge paths

If your team treats this as a minor version bump, you will miss where the operational leverage is.

What changed

The March 2, 2026 release (rust-v0.107.0) introduced a set of features that are connected, not isolated.

1) Thread branching is now first-class in daily workflows

The release adds a direct “fork thread into sub-agents” path. This aligns with existing Codex docs where app-server supports thread/fork and multi-agent execution patterns.

Practically, this lowers the cost of branching investigation and implementation in parallel lanes while preserving parent context.

2) Memory moved from implicit behavior to configurable behavior

OpenAI added configurable memories plus a hard reset command:

codex debug clear-memories

That matters for production teams because memory state is now more directly governable, including reset pathways when context quality degrades or policy requires stronger isolation.

3) Custom tools now support multimodal outputs

Custom tools are no longer text-only in this release path; they can return structured multimodal content including images.

For teams building internal toolchains, this widens what can be passed through agent loops without awkward text-only fallbacks.

4) App-server model metadata became richer

Release notes call out richer model availability and upgrade metadata surfaced by app-server and used by TUI to explain plan-gated model behavior.

This complements documented model/list behavior in app-server docs, including upgrade, inputModalities, and picker visibility metadata.

5) Reliability and sandbox-control details were tightened

Notable fixes and chores include:

• thread/resume restoring pending approval/input requests
• non-blocking behavior improvements around thread/start
• MCP OAuth oauth_resource forwarding fixes
• improved restricted filesystem handling (including sensitive directory handling)
• keeping sandbox configuration intact for escalated command reruns

These are the kinds of fixes that matter most once usage scales.

Why it matters

This release primarily improves agent operations, not just user ergonomics.

Three consequences stand out.

1) Branching becomes cheap enough to standardize

When teams can fork threads into sub-agents with lower friction, they can formalize a pattern:

1. parent thread defines scope and constraints
2. specialized child agents gather evidence or execute bounded tasks
3. parent reconciles and promotes output

Codex multi-agent docs already frame role-based agents, inheritance behavior, and sandbox boundaries. The 0.107 release makes that style easier to run at CLI pace.

2) Memory policy is now part of reliability design

Configurable memories plus explicit clearing means memory management can be treated like any other operational control: define expected behavior, instrument drift, and reset state when needed.

The common anti-pattern is to let memory remain “magic context.” This release makes that less defensible.

3) Runtime capability discovery gets stronger

As model options and plan gates vary across environments, richer model metadata is not a nice-to-have. It is required for predictable client behavior and robust fallback logic.

Teams using app-server should treat capability discovery (model/list) as a runtime check, not a static assumption.

Implementation notes

1) Adopt fork-aware runbooks

If you use Codex for complex tasks, define a fork policy by task type:

• exploratory debugging: fork early, read-only agent defaults
• implementation branch: fork once acceptance criteria are stable
• verification lane: separate agent for tests/policy checks

Inferred from changelog + docs: this pattern is now both supported and operationally cheaper than before.

2) Add explicit memory hygiene controls

Use the new memory controls intentionally:

• define when persistent memory is useful vs risky
• document when to run memory reset in incident/recovery workflows
• validate that memory behavior is aligned with your environment and policy boundaries

3) Harden resume/fork failure testing

The release includes resume/start synchronization fixes. Treat that as a signal to test:

• interrupted thread recovery
• pending approval replay behavior
• forked-thread continuity under tool and network constraints

If these scenarios are not in your test matrix, your “happy path only” confidence is misleading.

4) Use model metadata for safe routing

model/list metadata in app-server docs supports capability-aware routing:

• upgrade hints for migration prompts
• inputModalities to avoid unsupported tool paths
• visibility flags for picker behavior

That lets teams build safer client-side model selection logic instead of hardcoding assumptions.

5) Keep sandbox and escalation policy coupled

Release notes include sandbox-related tightening and escalation-path correctness improvements. That is a reminder that permission behavior in retry/escalation paths is part of the security model, not a corner case.

What to do now

For teams shipping with Codex this week:

1. Upgrade a staging environment to 0.107.0 and run one full forked-thread workflow end-to-end.
2. Add memory policy notes to your team config/runbook, including a reset protocol.
3. Add automated checks for thread/start, thread/resume, and thread/fork recovery paths.
4. Move model routing logic to app-server capability discovery instead of static model maps.
5. Re-baseline incident metrics around approvals, resume errors, and sandbox escalation behavior after rollout.

As of March 3, 2026, the GitHub releases page also lists 0.108.0-alpha.1 as a pre-release, which reinforces the current shipping cadence: teams need robust release-readiness habits, not occasional manual upgrades.

Sources

• https://developers.openai.com/codex/changelog
• https://github.com/openai/codex/releases/tag/rust-v0.107.0
• https://developers.openai.com/codex/multi-agent
• https://developers.openai.com/codex/app-server
• https://developers.openai.com/codex/config-basic
• https://github.com/openai/codex/releases