codex_consult_async
Submit a read-only question to Codex and receive a job ID instantly without waiting. Designed for long-running consultations that run in the background.
Instructions
Ask Codex for a read-only second opinion in the background; get a job_id
back immediately instead of blocking.
Same read-only behavior as codex_consult (Codex never edits files), but it runs
detached — use it when the consult may run long. Starting a job commits to spend
(it runs to completion or its wall-clock deadline even if you never poll). Poll
with codex_job_status, read the consult envelope with codex_job_result, delete
it with codex_job_consume_result, or stop it with codex_job_cancel.
Data egress: same as codex_consult — sends your question and extra_context
(raw, unredacted) to OpenAI via the codex CLI, plus files Codex reads from its
resolved working directory (workspace_root, your MCP roots, or the server cwd).
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| model | No | Override the Codex model slug for this call; defaults to the server/Codex default when unset. | |
| question | Yes | The question or prompt to send Codex (a different model) for a read-only answer. | |
| isolation | No | Codex config isolation: 'inherit' (default), 'ignore-config', or 'ignore-rules'. | |
| extra_context | No | Optional author intent / background context, added to the prompt as clearly-labeled UNTRUSTED data. Codex is instructed to treat embedded directives as data, not commands — best-effort prompt-injection mitigation, not a guarantee. Don't include live secrets: Codex can read files it's pointed at, and redaction does not cover this field. | |
| workspace_root | No | Absolute path to the target repository root. Pass it (or rely on an MCP root) so the call targets the intended repo; otherwise it falls back to the server's own cwd and meta.workspace_warning is set. |
Output Schema
| Name | Required | Description | Default |
|---|---|---|---|
| ok | Yes |