codex-webapp 0.1.0-beta.1

package/ACKNOWLEDGEMENTS.md

@@ -0,0 +1,52 @@
+# Acknowledgements
+
+Codex WebApp is an unofficial companion package for OpenAI
+Codex `remote-control`. It is not affiliated with or endorsed by OpenAI.
+
+## OpenAI Codex
+
+This project is built around the direction opened by OpenAI Codex App Server
+and `codex remote-control`.
+
+- OpenAI Codex: https://github.com/openai/codex
+- Codex App Server documentation:
+  https://github.com/openai/codex/tree/main/codex-rs/app-server
+
+## Prior Art And Adjacent Projects
+
+The remote-Codex and mobile-agent ecosystem is moving quickly. The following
+projects are useful adjacent references for users and maintainers evaluating the
+space:
+
+- codex-web by 0xcaff: https://github.com/0xcaff/codex-web
+- RemCodex: https://remcodex.com/
+- Taskdex: https://www.taskdex.app/
+- Taskdex GitHub: https://github.com/DhruvalGolakiya/taskdex
+- Remodex: https://github.com/Emanuele-web04/remodex
+- codexUI: https://github.com/friuns2/codexui
+- FlyDex: https://flydex.net/
+- The Companion: https://docs.thecompanion.sh/
+- MobileCLI: https://www.mobilecli.app/
+- RemoteVibeCode: https://remotevibecode.com/
+- Nitori Codex Webview:
+  https://marketplace.visualstudio.com/items?itemName=Kaisei-Yasuzaki.nitori-codex-webview
+
+Listing a project here is acknowledgement of prior art or adjacency, not a
+claim that this package includes that project's code.
+
+## codex-web
+
+`0xcaff/codex-web` is a particularly important reference point for this package.
+Its README describes a browser frontend for Codex Desktop running on a machine
+the user controls, with a deliberately thin wrapper so upstream Codex changes can
+be integrated quickly.
+
+Codex WebApp follows that same spirit: stay thin, make the install path humane,
+keep the operator's machine in control, and avoid pretending to be an official
+OpenAI product.
+
+## Code Provenance
+
+This package is intended as a clean public companion module. Unless a future
+file explicitly says otherwise, it does not vendor source code from the projects
+listed above.

package/CONTRIBUTING.md

@@ -0,0 +1,37 @@
+# Contributing
+
+Thanks for helping make Codex remote-control easier to use.
+
+This project aims to be unusually kind to first-time users: clear errors,
+copy-pasteable commands, mobile-friendly UI, and conservative security
+defaults.
+
+## Good First Contributions
+
+- Improve the `doctor` output for a confusing install state.
+- Add tests for Codex CLI version parsing.
+- Improve mobile layout without adding visual noise.
+- Document a real failure mode and the fix.
+- Improve the browser smoke test so users can verify the console actually
+  renders on their machine.
+- Add safer defaults for local or trusted-network operation.
+
+## Ground Rules
+
+- Do not imply OpenAI endorsement.
+- Do not add telemetry without explicit opt-in.
+- Do not expose raw app-server endpoints publicly by default.
+- Do not add commercial upgrade UI, hidden private hooks, or paid-feature
+  conditionals to the public module.
+- Do not log secrets, prompts, repository contents, cookies, tokens, or session
+  IDs.
+- Keep private operations features out of the public module.
+
+## Pull Request Checklist
+
+- README or help text updated when behavior changes.
+- Security boundary preserved.
+- `npm run doctor` or the equivalent local command exercised.
+- Browser smoke exercised when UI behavior changes.
+- UI changes checked on a mobile-width viewport.
+- New dependencies justified in the PR body.

package/LICENSE.md

@@ -0,0 +1,184 @@
+Apache License
+Version 2.0, January 2004
+http://www.apache.org/licenses/
+
+TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+1. Definitions.
+
+"License" shall mean the terms and conditions for use, reproduction, and
+distribution as defined by Sections 1 through 9 of this document.
+
+"Licensor" shall mean the copyright owner or entity authorized by the copyright
+owner that is granting the License.
+
+"Legal Entity" shall mean the union of the acting entity and all other entities
+that control, are controlled by, or are under common control with that entity.
+For the purposes of this definition, "control" means (i) the power, direct or
+indirect, to cause the direction or management of such entity, whether by
+contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the
+outstanding shares, or (iii) beneficial ownership of such entity.
+
+"You" (or "Your") shall mean an individual or Legal Entity exercising
+permissions granted by this License.
+
+"Source" form shall mean the preferred form for making modifications, including
+but not limited to software source code, documentation source, and
+configuration files.
+
+"Object" form shall mean any form resulting from mechanical transformation or
+translation of a Source form, including but not limited to compiled object
+code, generated documentation, and conversions to other media types.
+
+"Work" shall mean the work of authorship, whether in Source or Object form,
+made available under the License, as indicated by a copyright notice that is
+included in or attached to the work (an example is provided in the Appendix
+below).
+
+"Derivative Works" shall mean any work, whether in Source or Object form, that
+is based on (or derived from) the Work and for which the editorial revisions,
+annotations, elaborations, or other modifications represent, as a whole, an
+original work of authorship. For the purposes of this License, Derivative Works
+shall not include works that remain separable from, or merely link (or bind by
+name) to the interfaces of, the Work and Derivative Works thereof.
+
+"Contribution" shall mean any work of authorship, including the original
+version of the Work and any modifications or additions to that Work or
+Derivative Works thereof, that is intentionally submitted to Licensor for
+inclusion in the Work by the copyright owner or by an individual or Legal
+Entity authorized to submit on behalf of the copyright owner. For the purposes
+of this definition, "submitted" means any form of electronic, verbal, or
+written communication sent to the Licensor or its representatives, including
+but not limited to communication on electronic mailing lists, source code
+control systems, and issue tracking systems that are managed by, or on behalf
+of, the Licensor for the purpose of discussing and improving the Work, but
+excluding communication that is conspicuously marked or otherwise designated in
+writing by the copyright owner as "Not a Contribution."
+
+"Contributor" shall mean Licensor and any individual or Legal Entity on behalf
+of whom a Contribution has been received by Licensor and subsequently
+incorporated within the Work.
+
+2. Grant of Copyright License. Subject to the terms and conditions of this
+License, each Contributor hereby grants to You a perpetual, worldwide,
+non-exclusive, no-charge, royalty-free, irrevocable copyright license to
+reproduce, prepare Derivative Works of, publicly display, publicly perform,
+sublicense, and distribute the Work and such Derivative Works in Source or
+Object form.
+
+3. Grant of Patent License. Subject to the terms and conditions of this
+License, each Contributor hereby grants to You a perpetual, worldwide,
+non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this
+section) patent license to make, have made, use, offer to sell, sell, import,
+and otherwise transfer the Work, where such license applies only to those
+patent claims licensable by such Contributor that are necessarily infringed by
+their Contribution(s) alone or by combination of their Contribution(s) with the
+Work to which such Contribution(s) was submitted. If You institute patent
+litigation against any entity (including a cross-claim or counterclaim in a
+lawsuit) alleging that the Work or a Contribution incorporated within the Work
+constitutes direct or contributory patent infringement, then any patent
+licenses granted to You under this License for that Work shall terminate as of
+the date such litigation is filed.
+
+4. Redistribution. You may reproduce and distribute copies of the Work or
+Derivative Works thereof in any medium, with or without modifications, and in
+Source or Object form, provided that You meet the following conditions:
+
+(a) You must give any other recipients of the Work or Derivative Works a copy
+    of this License; and
+
+(b) You must cause any modified files to carry prominent notices stating that
+    You changed the files; and
+
+(c) You must retain, in the Source form of any Derivative Works that You
+    distribute, all copyright, patent, trademark, and attribution notices from
+    the Source form of the Work, excluding those notices that do not pertain to
+    any part of the Derivative Works; and
+
+(d) If the Work includes a "NOTICE" text file as part of its distribution, then
+    any Derivative Works that You distribute must include a readable copy of
+    the attribution notices contained within such NOTICE file, excluding those
+    notices that do not pertain to any part of the Derivative Works, in at
+    least one of the following places: within a NOTICE text file distributed as
+    part of the Derivative Works; within the Source form or documentation, if
+    provided along with the Derivative Works; or, within a display generated by
+    the Derivative Works, if and wherever such third-party notices normally
+    appear. The contents of the NOTICE file are for informational purposes only
+    and do not modify the License. You may add Your own attribution notices
+    within Derivative Works that You distribute, alongside or as an addendum to
+    the NOTICE text from the Work, provided that such additional attribution
+    notices cannot be construed as modifying the License.
+
+You may add Your own copyright statement to Your modifications and may provide
+additional or different license terms and conditions for use, reproduction, or
+distribution of Your modifications, or for any such Derivative Works as a
+whole, provided Your use, reproduction, and distribution of the Work otherwise
+complies with the conditions stated in this License.
+
+5. Submission of Contributions. Unless You explicitly state otherwise, any
+Contribution intentionally submitted for inclusion in the Work by You to the
+Licensor shall be under the terms and conditions of this License, without any
+additional terms or conditions. Notwithstanding the above, nothing herein shall
+supersede or modify the terms of any separate license agreement you may have
+executed with Licensor regarding such Contributions.
+
+6. Trademarks. This License does not grant permission to use the trade names,
+trademarks, service marks, or product names of the Licensor, except as required
+for reasonable and customary use in describing the origin of the Work and
+reproducing the content of the NOTICE file.
+
+7. Disclaimer of Warranty. Unless required by applicable law or agreed to in
+writing, Licensor provides the Work (and each Contributor provides its
+Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied, including, without limitation, any warranties
+or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+PARTICULAR PURPOSE. You are solely responsible for determining the
+appropriateness of using or redistributing the Work and assume any risks
+associated with Your exercise of permissions under this License.
+
+8. Limitation of Liability. In no event and under no legal theory, whether in
+tort (including negligence), contract, or otherwise, unless required by
+applicable law (such as deliberate and grossly negligent acts) or agreed to in
+writing, shall any Contributor be liable to You for damages, including any
+direct, indirect, special, incidental, or consequential damages of any
+character arising as a result of this License or out of the use or inability to
+use the Work (including but not limited to damages for loss of goodwill, work
+stoppage, computer failure or malfunction, or any and all other commercial
+damages or losses), even if such Contributor has been advised of the
+possibility of such damages.
+
+9. Accepting Warranty or Additional Liability. While redistributing the Work or
+Derivative Works thereof, You may choose to offer, and charge a fee for,
+acceptance of support, warranty, indemnity, or other liability obligations
+and/or rights consistent with this License. However, in accepting such
+obligations, You may act only on Your own behalf and on Your sole
+responsibility, not on behalf of any other Contributor, and only if You agree
+to indemnify, defend, and hold each Contributor harmless for any liability
+incurred by, or claims asserted against, such Contributor by reason of your
+accepting any such warranty or additional liability.
+
+END OF TERMS AND CONDITIONS
+
+APPENDIX: How to apply the Apache License to your work.
+
+To apply the Apache License to your work, attach the following boilerplate
+notice, with the fields enclosed by brackets "[]" replaced with your own
+identifying information. (Don't include the brackets!) The text should be
+enclosed in the appropriate comment syntax for the file format. We also
+recommend that a file or class name and description of purpose be included on
+the same "printed page" as the copyright notice for easier identification
+within third-party archives.
+
+Copyright 2026 PENSO
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.

package/README.ja.md

@@ -0,0 +1,144 @@
+> **非公式の community project です。** この project は OpenAI、公式 Codex team、または公式 Codex App と提携・承認・後援・関連していません。
+
+# Codex WebApp
+
+[English](./README.md) / 日本語 / [한국어](./docs/i18n/README.ko.md) / [简体中文](./docs/i18n/README.zh-CN.md)
+
+Codex App を使っている人向けの、敬意ある非公式 WebApp surface です。
+
+Codex App に貼れるプロンプト、わかりやすい `doctor`、安全なローカル起動、そして「本当に Codex っぽいブラウザ画面が開けるか」を確認する smoke test をまとめています。
+
+![Codex WebApp overview](./docs/assets/codex-webapp-overview.svg)
+
+> OpenAI とは提携しておらず、OpenAI から承認・推奨された公式プロダクトではありません。
+>
+> 生の UI サーバーは原則 `localhost` のまま使ってください。スマホや別PCから触る場合は、Tailscale、Cloudflare Access、または同等の信頼できるアクセス境界を先に用意してください。公開IPへ直接出さないでください。
+
+## これは何ですか
+
+「Codex をブラウザやスマホから使えるらしい」と聞いたのに、サーバー起動後に何を開けばいいかわからない。そこを埋めるための npm パッケージです。
+
+この beta でできること:
+
+- Codex CLI が入っているか確認する
+- `codex remote-control --help` が使えるか確認する
+- npm の一時実行で `doctor` / `start` / `smoke` を走らせる
+- Codex App に貼るだけのプロンプトを提供する
+- ローカルの Codex 風ブラウザ UI を起動する
+- smoke test で「画面が本当に見えている」ことを確認する
+
+## いまの beta の位置づけ
+
+現在の npm beta は `codex-webapp@0.1.0-beta.1` です。
+
+これは Codex App の native marketplace plugin、browser extension、one-click installer、managed hosting service ではありません。Codex App にプロンプトを貼り、Codex に `npx` で npm パッケージを実行してもらう形です。
+
+現在の方針は experimental かつ compatibility-first です。現在は `0xcaff/codex-web` の commit `585613f5a3a355af5aefc388ca4e31b07a472cda` を参照する Codex 風 browser runtime を起動し、その周辺に install、safety、evidence、support の層を加えています。この public repository は package、user documentation、safety notes、contribution path に絞ります。
+
+注: 現在、software interface 自体は主に英語です。この日本語ドキュメントは setup を助けるための翻訳です。
+
+## Codex App に貼るプロンプト
+
+以下をそのまま Codex App に貼ってください。
+
+```text
+Please set up Codex WebApp on this machine.
+
+Use this npm package:
+codex-webapp@beta
+
+Please:
+1. Check my Codex version.
+2. Run the package doctor.
+3. Run start in dry-run mode first.
+4. Start the local browser UI only on localhost.
+5. Smoke-test the printed local URL.
+
+Keep everything on localhost unless I already have Tailscale, Cloudflare Access,
+or another trusted access boundary set up.
+
+Do not print tokens, cookies, private repo contents, customer data, or internal URLs.
+```
+
+Codex は内部でだいたい次のようなコマンドを実行します。
+
+```bash
+npx -y codex-webapp@beta doctor
+npx -y codex-webapp@beta start --dry-run
+npx -y codex-webapp@beta start
+```
+
+`npx` は「npm に公開されているパッケージを、一時的に実行するための仕組み」です。ユーザーが手でプロジェクトを作ったり、依存関係を管理したりする必要を減らします。
+
+## ターミナルで試す場合
+
+```bash
+codex --version
+codex remote-control --help
+npx -y codex-webapp@beta doctor
+npx -y codex-webapp@beta start --dry-run
+npx -y codex-webapp@beta start
+```
+
+デフォルトでは次のローカルURLを使います。
+
+```text
+http://127.0.0.1:8214/
+```
+
+## Smoke Test
+
+UI サーバーを起動したら、次で確認できます。
+
+```bash
+npx -y codex-webapp@beta smoke \
+  --url http://127.0.0.1:8214/
+```
+
+ブラウザ証跡を撮る場合:
+
+```bash
+npx -y codex-webapp@beta smoke \
+  --browser \
+  --url http://127.0.0.1:8214/ \
+  --screenshot artifacts/codex-webapp.png
+```
+
+公開する証跡には、private repo、branch名、アカウント情報、顧客データ、token、cookie、社内URLを含めないでください。
+
+## 安全境界
+
+この package は、危険なネットワーク公開を安全に変える魔法ではありません。
+
+推奨:
+
+- 自分のMacだけで使うなら `localhost`
+- 自分の端末間だけなら Tailscale
+- 複数人で使うなら Cloudflare Access などの identity-aware proxy
+
+避けること:
+
+- 生の UI サーバーを public IP に出す
+- token / cookie / customer data / private repo 内容を public issue に貼る
+- OpenAI 公式プロダクトのように見せる
+- 現在の beta を managed hosting service として扱う
+
+## Security And Privacy
+
+この package は open source で、監査可能であることを前提にしています。
+
+CLI wrapper は、prompt、repository、token、cookie、customer data を、この project が運営する第三者サーバーへ送信しません。ローカルの Codex 風 browser surface を起動し、指定された URL に対して readiness / smoke check を行います。
+
+この package は browser extension をインストールせず、browser token を `localStorage`、`chrome.storage`、extension profile に保存しません。ただし、下層の Codex 風 runtime や、利用者自身が用意する trusted-access layer には別の挙動があり得ます。運用境界として確認してください。
+
+public issue や screenshot を共有する前に、secret と private URL は削除してください。
+
+## 謝辞
+
+現在の beta は、Codex 風ブラウザ体験を実現する public project `0xcaff/codex-web` のアプローチを利用・参照しています。この repository は、その周辺に配布、doctor、安全境界、ドキュメント、検証証跡の層を加えるものです。
+
+詳しくは [ACKNOWLEDGEMENTS.md](./ACKNOWLEDGEMENTS.md) を参照してください。
+
+## License
+
+[Apache-2.0](./LICENSE.md)

package/README.md

@@ -0,0 +1,271 @@
+> **Unofficial community project.** This project is not affiliated with,
+> sponsored by, endorsed by, or associated with OpenAI, the official Codex team,
+> or the official Codex App.
+
+# Codex WebApp
+
+[![CI](https://github.com/penso-os/codex-webapp/actions/workflows/ci.yml/badge.svg)](https://github.com/penso-os/codex-webapp/actions/workflows/ci.yml)
+[![npm version](https://img.shields.io/npm/v/codex-webapp?label=npm)](https://www.npmjs.com/package/codex-webapp)
+[![npm beta](https://img.shields.io/npm/v/codex-webapp/beta?label=beta)](https://www.npmjs.com/package/codex-webapp)
+[![License](https://img.shields.io/npm/l/codex-webapp)](./LICENSE.md)
+
+A respectful, community-maintained web app surface for Codex App users.
+
+It gives you a pasteable Codex App prompt, a friendly `doctor`, a safe local
+launcher, and smoke tests that prove a real Codex-style browser surface is
+reachable from a machine you control.
+
+![Codex WebApp overview](./docs/assets/codex-webapp-overview.svg)
+
+> Not affiliated with or endorsed by OpenAI.
+>
+> Keep the raw UI server on `localhost` unless you have Tailscale, Cloudflare
+> Access, or an equivalent trusted access boundary. Do not put the raw server on
+> a public IP.
+
+Quick check:
+
+```bash
+npx -y codex-webapp@beta doctor
+```
+
+## Languages
+
+- English: this README
+- Japanese: [README.ja.md](./README.ja.md)
+- Korean: [docs/i18n/README.ko.md](./docs/i18n/README.ko.md)
+- Simplified Chinese: [docs/i18n/README.zh-CN.md](./docs/i18n/README.zh-CN.md)
+
+## Who This Is For
+
+This package is for people who opened Codex App, heard that Codex can be used
+from a browser or phone, and then got stuck at "the server is running, but what
+do I open?"
+
+It is also for maintainers who want a repeatable public-beta gate:
+
+- check the local Codex install
+- start the Codex-style browser UI on a safe local port
+- verify the page with HTTP or browser smoke tests
+- collect evidence before sharing a beta package
+- document the trusted-access boundary instead of improvising it in DMs
+
+## Current Beta Shape
+
+Current npm beta: `codex-webapp@0.1.0-beta.1`
+
+This is an npm package that Codex App can run through a prompt. It is not a
+native Codex App marketplace plugin, browser extension, one-click installer, or
+managed hosting service.
+
+The current beta is experimental and compatibility-first. It launches a pinned
+Codex-style web runtime reference, currently `0xcaff/codex-web` at commit
+`585613f5a3a355af5aefc388ca4e31b07a472cda`, and wraps it with clearer install,
+safety, evidence, and support behavior. The public repository is kept focused on
+the package, user documentation, safety notes, and contribution path.
+
+## Codex App Quick Start
+
+Paste this into Codex App:
+
+```text
+Please set up Codex WebApp on this machine.
+
+Use this npm package:
+codex-webapp@beta
+
+Please:
+1. Check my Codex version.
+2. Run the package doctor.
+3. Run start in dry-run mode first.
+4. Start the local browser UI only on localhost.
+5. Smoke-test the printed local URL.
+
+Keep everything on localhost unless I already have Tailscale, Cloudflare Access,
+or another trusted access boundary set up.
+
+Do not print tokens, cookies, private repo contents, customer data, or internal URLs.
+```
+
+Codex should run commands like these for you:
+
+```bash
+npx -y codex-webapp@beta doctor
+npx -y codex-webapp@beta start --dry-run
+npx -y codex-webapp@beta start
+```
+
+If Codex App asks what `npx` means, the plain-English answer is:
+
+> `npx` runs a published npm package temporarily, without asking you to install
+> or manage a project by hand.
+
+## Terminal Quick Start
+
+Developers can run the same flow from a terminal:
+
+```bash
+# 1. Confirm Codex is available.
+codex --version
+
+# 2. Check whether the remote-control command exists.
+codex remote-control --help
+
+# 3. Run the friendly readiness check.
+npx -y codex-webapp@beta doctor
+
+# 4. Preview the launcher command without starting anything.
+npx -y codex-webapp@beta start --dry-run
+
+# 5. Start the local Codex-style browser UI.
+npx -y codex-webapp@beta start
+```
+
+By default the browser UI is local only:
+
+```text
+http://127.0.0.1:8214/
+```
+
+## Browser Smoke Test
+
+Once the UI server is running:
+
+```bash
+npx -y codex-webapp@beta smoke \
+  --url http://127.0.0.1:8214/
+```
+
+The lightweight smoke test fetches the page and checks for the expected
+Codex-style surface. To capture browser evidence:
+
+```bash
+npx -y codex-webapp@beta smoke \
+  --browser \
+  --url http://127.0.0.1:8214/ \
+  --screenshot artifacts/codex-webapp.png
+```
+
+If Playwright is missing:
+
+```bash
+npm install -D playwright
+npx playwright install chromium
+```
+
+Public evidence must use a clean or demo environment. Do not publish screenshots
+that expose private repositories, private branches, account metadata, customer
+data, tokens, cookies, or internal URLs.
+
+## Safety Boundary
+
+This package does not make an unsafe network setup safe.
+
+Use one of these boundaries:
+
+- `localhost` only for local use
+- Tailscale for private-device access
+- Cloudflare Access or an equivalent identity-aware proxy for shared access
+
+Do not:
+
+- expose a raw Codex UI server on a public IP
+- paste tokens, cookies, customer data, or private repository contents into
+  public issues
+- describe this project as an official OpenAI or Codex product
+- treat the current beta as a managed hosting service
+
+## Security And Privacy
+
+This package is open source and intended to be auditable.
+
+The CLI wrapper does not send your prompts, repositories, tokens, cookies, or
+customer data to a third-party service operated by this project. It launches a
+local Codex-style browser surface and runs local readiness/smoke checks against
+the URL you provide.
+
+This package does not install a browser extension and does not write browser
+tokens to `localStorage`, `chrome.storage`, or an extension profile. The
+underlying Codex-style runtime and your own trusted-access layer may have their
+own behavior; review and operate those components as part of your deployment
+boundary.
+
+Codex WebApp does not include telemetry, analytics, or a project-operated
+phone-home path.
+
+For public support, remove secrets and private URLs before sharing command
+output or screenshots.
+
+## Product Principles
+
+![Mobile and trusted-access concept](./docs/assets/codex-webapp-mobile.svg)
+
+- **Codex App first**: the primary path is a prompt a non-CLI user can paste
+  into Codex App.
+- **Compatibility first**: staying close to the Codex browser experience is more
+  valuable than a custom UI that drifts quickly.
+- **Security owned**: the public package must keep the raw server local and make
+  trusted access explicit.
+- **Evidence driven**: launch claims must be backed by doctor, dry-run, smoke,
+  browser, and clean-sandbox evidence.
+- **Contribution friendly**: the repo should be easy to inspect, test, and
+  improve without needing private maintainer context.
+
+## Repository Layout
+
+```text
+bin/codex-webapp.mjs      CLI entrypoint for doctor/start/smoke
+src/commands.js           CLI command handlers
+src/browserSmoke.js       HTTP and optional Playwright smoke checks
+src/codexWeb.js           Codex-style web launch arguments and safety checks
+src/version.js            Codex CLI version parsing and readiness checks
+test/*.test.mjs           node:test coverage
+docs/assets/              public-safe README visuals
+docs/i18n/                localized quickstart docs
+docs/codex-app-install.md Codex App prompt-driven setup guide
+docs/ja-quickstart.md     Japanese quickstart guide
+```
+
+## Development
+
+```bash
+npm test
+npm pack --dry-run
+npm run start:dry-run
+```
+
+## Support
+
+Open a GitHub issue with:
+
+- your OS
+- Node version
+- Codex version
+- the exact command you ran
+- the doctor or smoke output after removing secrets and private URLs
+
+Never paste tokens, cookies, private repository contents, customer data, or
+internal URLs into a public issue. See [SECURITY.md](./SECURITY.md) and
+[SUPPORT.md](./SUPPORT.md).
+
+## Project Boundary
+
+This repository is the public distribution layer for the browser companion:
+launcher, doctor, smoke tests, documentation, safety boundary, and release
+evidence.
+
+Managed hosting, private support operations, proprietary gateways, and internal
+workspace automation are outside this public package.
+
+## Acknowledgements
+
+The current beta uses and acknowledges the public `0xcaff/codex-web` approach
+for rendering a Codex-like browser surface. This project adds distribution,
+doctor, safety, documentation, and release-evidence layers around that style of
+workflow while keeping the non-affiliation boundary explicit.
+
+See [ACKNOWLEDGEMENTS.md](./ACKNOWLEDGEMENTS.md).
+
+## License
+
+[Apache-2.0](./LICENSE.md)