NonDev Apps

Bonus 04 of 07

What MCP is and how to connect Codex to one safe tool first

Goal: MCP lets Codex connect to external tools and services. That is powerful and risky. This lesson teaches you what MCP is, how to inspect your current setup, and how to start with one official read-only server before you connect anything stronger.

What to do

01

Understand what MCP is - in plain English

MCP stands for Model Context Protocol. In plain English, it is how you give Codex access to tools and services outside your project folder. Without MCP, Codex works inside the project and the tools already built into your environment. With MCP, Codex can reach into connected systems like documentation servers or third-party services. That is why every MCP connection should be treated as extra access, not just a convenience feature.

02

Inspect your current MCP setup with the real CLI command

Do not ask Codex to guess. Use the actual Codex CLI command that lists configured servers. Run this in the terminal:

codex mcp list
03

Decide whether you need MCP right now

Ask three questions. First: is there a task I cannot solve because Codex cannot see outside this project folder, Second: would a connected tool solve that exact problem, Third: do I understand what data that tool would expose, If you answered no to the first question, you do not need MCP today. If you answered no to the third, stop there until you can explain the access in plain English.

04

Practice with one official read-only server first

If you want to learn the command flow safely, start with the official OpenAI developer docs server. It is read-only, so this is a much safer first connection than GitHub, a database, or anything that can change external state. Run this in the terminal:

codex mcp add openaiDeveloperDocs --url https://developers.openai.com/mcp
05

Verify the server and ask one docs question

Run codex mcp list again so you can confirm the server is registered. Then ask Codex a simple OpenAI docs question and see whether it uses the docs server to answer. The goal is to prove the whole loop works before you even think about stronger integrations.

Look up the request schema for Responses API tools in the OpenAI developer docs and summarize the required fields.
06

Write an MCP safety note in AGENTS.md

Whether or not you added a server today, add a new section to AGENTS.md called ## MCP Connections. If you connected the docs server, write that it is official, read-only, and used for documentation lookup. If you skipped MCP, write why. Either way, record the rule that future MCP servers must be official, necessary, and understood before they are added.

Expected result

You understand what MCP is, inspected your current setup with the real Codex command, practiced with one official read-only server, verified it, and recorded the safety rule in AGENTS.md.

Key takeaway

  • MCP is extra access. Start with a read-only official server, verify it with the real Codex CLI, and add stronger connections only when you can explain exactly what data or actions they expose.
Bonus 4 - What MCP is and how to connect Codex... - NonDev Apps