
Codex Chrome Extension: lending your signed-in Chrome to the AI — per-site approval and AI sales fit
Codex Chrome Extension (2026-05-07) lets Codex use your signed-in Chrome state so it can act inside LinkedIn, Salesforce, Gmail, and internal tools. Per-site approval keeps you in control. Here's how it pairs with Playwright and Sales Claw, plus a 15-item pre-production checklist.

中澤 圭志
@keishi_nakazawa · Sales Claw maintainer

Key Facts
- Release date: 2026-05-07 (alongside Codex CLI 0.129.0)
- What it is: Codex Chrome Extension (Chrome-only browser extension)
- Role A: AI operates LinkedIn / Salesforce / Gmail / internal SaaS using your signed-in Chrome state
- Role B: Per-site approval + Allowlist/Blocklist + background parallel tabs (supervised automation)
“So Codex can now operate Chrome on my behalf — and log into LinkedIn and Salesforce too? How is this different from Playwright? What about Sales Claw?” — This post unpacks the Codex Chrome Extension, released by OpenAI on 2026-05-07, using OpenAI’s official Codex Docs (developers.openai.com/codex) as the primary source. We cover how to use it for B2B sales automation and how it divides responsibility with Sales Claw.
The Codex Chrome Extension lets Codex borrow your already-signed-in Chrome state — cookies, sessions, installed extensions, local storage — to perform browser tasks. Headless browser automation (Playwright, Selenium) has always struggled with “maintaining signed-in state, MFA, SSO.” This extension side-steps the entire wall by lending your daily-use Chrome to the AI.
1. What is the Codex Chrome Extension
Until now, combining AI with browser automation came down to two choices:
- Headless browser + framework (Playwright / Selenium / Puppeteer): Full automation, but session maintenance, MFA, and SSO are hard or impossible.
- API integration: Stable, but limited to whatever each SaaS exposes. LinkedIn, which deliberately restricts its API, is effectively out of reach.
The Codex Chrome Extension proposes a third option: the AI borrows the user’s already-signed-in Chrome — no new profile required — runs in background tabs so the user can keep working in other tabs, and only touches domains the user has explicitly approved.
2. The problem: every sales tool requires sign-in
Almost every task you want to delegate in B2B sales lives behind a sign-in wall: LinkedIn Sales Navigator for decision-maker research, Salesforce / HubSpot for CRM notes, Gmail / Outlook for reply drafts, internal SSO-protected SaaS for approval workflows. Playwright/Selenium can’t reliably handle MFA, SSO, or session expiry; APIs are limited.
| Item | Playwright / Selenium pain | Codex Chrome Extension answer |
|---|---|---|
| Maintain signed-in state | Manual cookie save/restore | Reuses your daily Chrome |
| MFA / SSO bypass | Essentially impossible in code | Inherits your already-authenticated state |
| Session expiry | Trapped in re-auth loops | Stays valid while you use Chrome |
| Implementation cost | Per-site selectors and waiters | Extension + per-site approval only |
| Fully unattended runs | In theory yes; in practice breaks | No — assumes user is signed in |
| Mass parallel sends | Yes (100/h per session) | Not ideal (per-site approval friction) |
3. Architecture — per-site approval + background tabs
Three components: (1) the Chrome extension itself, (2) the Codex CLI / desktop app, and (3) Chrome native messaging linking the two. A typical flow: user asks Codex to research a company on LinkedIn → Codex requests per-site approval for linkedin.com → user grants (one-time or Allowlist) → Codex drives Chrome to the profile page, extracts text and screenshots, returns results.
Crucially the extension runs in background tabs, so the user can continue working in other tabs — Codex never seizes focus the way Selenium IDE / Puppeteer historically did.
4. Install and confirm “Connected” status
- Prerequisite: Codex CLI 0.129.0+ or the latest Codex desktop app. Google Chrome installed.
- Open the Codex Plugins menu → select “Chrome extension”.
- Chrome Web Store opens to the official extension page → “Add to Chrome”.
- Review Chrome’s permission prompt (debugger access, read/modify site data, history, notifications, bookmarks, downloads, native messaging, tab groups) → approve.
- Confirm the toolbar icon shows Connected.
- Back in Codex, click “Start a new Codex thread” and try a first browser task.
5. Permission model — Allowlist, Blocklist, and the “Always allow” trap
Each domain is in one of three states: Allowlist (auto-allowed), Blocklist (always denied), or unregistered (per-site prompt on every access). The user picks “allow once / allow & add to Allowlist / deny / add to Blocklist.”
The setting “Always allow browser content” kills all approval prompts — the official docs call it elevated risk. Keep it OFF in any work environment: it removes Allowlist’s meaning, hides silent third-party access, and breaks the audit trail of which domains Codex actually touched.
Browser history access is handled separately and has no always-allow option: every history read needs explicit approval. That’s the right design: history is essentially the user’s behavior log.
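As an added example (not code from OpenAI, the extension, or Sales Claw), the Python below replays a list of accessed URLs against a team's agreed Allowlist/Blocklist and reports accesses the three-state model above would not have auto-allowed. The record format, the function names, the sample domains and the rule that Blocklist takes precedence over Allowlist are assumptions made for this audit.

```python
# Added illustration: audits accessed URLs against an agreed Allowlist/Blocklist.
# Record fields, names and sample data are assumptions, not the extension's format.
from urllib.parse import urlsplit

ALLOWLIST = {"linkedin.com", "salesforce.com", "mail.google.com"}
BLOCKLIST = {"bank.example", "ads.linkedin.com"}  # constructed entries

def host_of(url):
    """Lower-cased hostname without a trailing dot; '' if the URL has none."""
    return (urlsplit(url).hostname or "").rstrip(".").lower()

def matches(host, domains):
    """True if host equals a listed domain or is a subdomain of one.
    Matching on a label boundary keeps 'linkedin.com.evil.example'
    from being treated as 'linkedin.com'."""
    return any(host == d or host.endswith("." + d) for d in domains)

def site_state(url):
    """Assumed precedence: Blocklist wins, then Allowlist, otherwise prompt."""
    host = host_of(url)
    if not host or matches(host, BLOCKLIST):
        return "deny"
    if matches(host, ALLOWLIST):
        return "allow"
    return "prompt"

def audit(records, always_allow=False):
    """Return (subject, reason) findings for accesses outside the agreed policy."""
    findings = []
    if always_allow:
        findings.append(("config", "Always allow browser content is ON"))
    for r in records:
        state = site_state(r["url"])
        if state == "deny":
            findings.append((r["url"], "blocklisted domain was accessed"))
        elif state == "prompt" and not r.get("approved"):
            findings.append((r["url"], "unregistered domain without approval"))
    return findings

# Constructed sample records (hypothetical format).
SAMPLE = [
    {"url": "https://www.linkedin.com/in/someone", "approved": False},
    {"url": "https://linkedin.com.evil.example/login", "approved": False},
    {"url": "https://ads.linkedin.com/x", "approved": True},
    {"url": "https://docs.example.org/page", "approved": True},
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Running the same audit with `always_allow=True` adds a configuration finding, since with that setting ON the per-site prompts that the `approved` field stands for no longer exist.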
6. B2B sales use cases — LinkedIn, Salesforce, Gmail
Where the extension shines: research, editing, and note-taking after sign-in.
- LinkedIn Sales Navigator — “Find 3 marketing leaders at company ABC, summarize roles and experience.” Approve linkedin.com once, Codex drives the search and pulls profile text. 15–25 min manual → 3–5 min supervised.
- Salesforce — “From this Zoom transcript, log next-action notes on the ABC opportunity.” Codex parses the transcript, navigates to the right object, updates fields, and shows a diff screenshot.
- Gmail — “Read the last 5 messages in this thread and draft a tone-matched reply.” Codex reads the thread, generates a draft, saves it to Gmail. The user always presses Send.
7. Division of labor with Sales Claw
| Item | Codex Chrome Extension | Sales Claw |
|---|---|---|
| Primary surface | Sign-in-required SaaS | Public contact forms |
| Throughput | 1–10 tasks/hr (supervised) | 100+ submissions/hr (pre-submit checks) |
| User involvement | Per-site approval + review | Dashboard kickoff + awaiting_approval audit |
| Overnight batch runs | Not suited (needs login state) | Suited (local OSS, 24/7) |
| Daytime research / editing | Excellent | Not suited |
| Audit logging | Codex-side (OpenAI environment) | Local action-log.json + Compliance Footer |
A workable 24-hour pattern: morning (9–10): Codex Chrome Extension reviews yesterday’s Salesforce notes, finds decision-makers on LinkedIn for 10 target accounts, drafts 5 Gmail replies. Daytime (10–18): the rep does the actual selling, Codex assisting with real-time Salesforce input. Overnight (22–06): Sales Claw runs 500 contact-form submissions with pre-submit checks, NG-keyword detection, frequency limits, awaiting_approval for review the next morning.
8. Risk management and pre-flight checklist
Four risk categories before production: (1) terms of service — LinkedIn’s User Agreement §8.2 restricts automation tools; treatment of an extension that runs as the user is lighter than scraping but not infinitely so; (2) security — verify the publisher really is OpenAI; (3) privacy — history and internal SaaS contents may flow to OpenAI, GDPR/APPI implications; (4) misclicks — irreversible actions (send, payment, delete) must require human final approval.
Pre-production checklist
- codex --version is 0.129.0+ (0.130.0+ recommended)
- Chrome toolbar shows the Codex icon as Connected
- Org security policy permits Chrome extension installs
- Publisher on Chrome Web Store is OpenAI (verified)
- Always allow browser content is OFF
- Allowlist domains agreed internally (LinkedIn / Salesforce / Gmail / internal SaaS)
- Blocklist contains competitor CRMs, personal SNS, banking
- LinkedIn User Agreement §8.2 reviewed for the team's usage scope
- Enterprise contracts (Salesforce / HubSpot) permit AI automation
- Data residency reviewed for GDPR / APPI compliance
- Irreversible actions require human approval as policy
- Browser history access is per-request (no always-allow)
- Audit logs preserved both on OpenAI side and locally
- Rollback procedures for SF history, Gmail Undo Send, etc.
- Codex (research) ↔ Sales Claw (submit) split is documented
Wrap-up — a third option for browser automation
Codex Chrome Extension is the third option between full headless automation and pure manual clicking. The pattern that makes it work in B2B sales is splitting the day: Codex for daytime research and editing inside signed-in SaaS, Sales Claw for overnight contact-form sends. Neither alone covers 24 hours; combined, they do.
Next steps: install Codex CLI 0.129.0+, open the Plugins menu and add the Chrome extension, walk through the 15-item checklist above, and set up the parallel-run pattern documented in our Quickstart and Workflow guide. Sales Claw itself is free — download here.
This is the English version of the post. Read the Japanese-language original (canonical) here.
References
This article uses the official X account and the official documentation as primary sources.
- [04] OpenAI Codex CLI official docs · 2026-05-16
- [05] openai/codex GitHub Releases · 2026-05-08
- [06] OpenAI Devs X account (@OpenAIDevs) · 2026-05-07
- [08] LinkedIn User Agreement · 2026-05-16
About the author

中澤 圭志
Sales Claw maintainer
Designs and develops Sales Claw. Writes from the field on B2B sales automation and applied AI.


