Nice breakdown of the MCP plumbing. The lock file discovery is clever but it does tie you to VS Code's diagnostic ecosystem for that context bridge. Codex CLI goes a different direction; full sandbox isolation with network disabled, directory scoped. No IDE coupling needed. I wrote up the sandbox model and the rest of the Codex architecture here if you want the contrast: https://reading.sh/the-definitive-guide-to-codex-cli-from-first-install-to-production-workflows-a9f1e7c887ab
Nice breakdown of the MCP plumbing. The lock file discovery is clever but it does tie you to VS Code's diagnostic ecosystem for that context bridge. Codex CLI goes a different direction; full sandbox isolation with network disabled, directory scoped. No IDE coupling needed. I wrote up the sandbox model and the rest of the Codex architecture here if you want the contrast: https://reading.sh/the-definitive-guide-to-codex-cli-from-first-install-to-production-workflows-a9f1e7c887ab
Thanks for sharing the post! It is very insightful