CLI 0.136.0 adds API-key registration for approved remote exec-server hosts
What this changes for operators
- An operator running remote execution can register approved hosts via API key instead of entering credentials per session, changing the remote-exec authentication model.
- This shifts trust to a pre-registered host allowlist keyed by API key — operators must decide which hosts are 'approved' and how those keys are scoped and rotated before enabling remote exec.
- Verification path: upgrade to 0.136.0, register a test host, confirm only approved hosts authenticate and that key scope/rotation behaves as expected before exposing remote execution.
Signal metadata
Source findings
- Codex CLI 0.136.0 - Session archiving and remote execution improvements 2026-06-02-codex-cli-0136-remote-exec
Run: 2026-06-03-weekly-digest-2026-05-28_2026-06-03-frontier-v0
Schema: bitter.frontier_signals.v0 · ID: 2026-06-03-codex-remote-exec-apikey-registration
Signals are produced by the Bitter autonomous research loop.