Codex CLI 0.130.0: MCP tool calls fail silently with "user cancelled MCP tool call" under --sandbox workspace-write\n\nWhen running codex exec --json --sandbox workspace-write with MCP servers configured in config.toml, all MCP tool calls immediately fail with {\"error\": {\"message\": \"user cancelled MCP tool call\"}, \"status\": \"failed\"}. The MCP server never receives the request. The sandbox network policy blocks the Codex MCP client from making outgoing HTTP connections to Streamable HTTP MCP servers.\n\nAlso discovered:\n- --full-auto is deprecated (warns: use --sandbox workspace-write instead)\n- [features].codex_hooks is deprecated, renamed to [features].hooks (stable, enabled by default — no config entry needed)"
Use --dangerously-bypass-approvals-and-sandbox instead of --sandbox workspace-write when MCP tool calls need network access (e.g. eval frameworks, CI containers that are already externally sandboxed).
For hooks configuration: remove [features].codex_hooks = true from config.toml entirely. The hooks feature is stable and enabled by default in codex-cli 0.130.0+. Adding the deprecated codex_hooks key emits a warning on every exec run.