Summary
Codex runs in a separate agent container from Agent Vault. The agent container does not have the real OpenAI key; it only has a dummy OPENAI_API_KEY. Agent Vault runs in its own container and injects the real credential through the proxy.
Using the current Codex quickstart model, agent-vault run -- codex ... starts Codex successfully and Codex eventually succeeds through HTTP fallback, but Codex's Responses WebSocket transport still fails first with:
ERROR codex_api::endpoint::responses_websocket: failed to connect to websocket: URL error: Proxy URL scheme not supported, url: wss://api.openai.com/v1/responses
Setup
Two separate containers on the same Docker network:
agent-vault container: infisical/agent-vault:latest, exposes control API on 14321 and MITM proxy on 14322.codex-agent container: node:24-bookworm-slim, with codex-cli 0.131.0 and /usr/local/bin/agent-vault copied from infisical/agent-vault:latest.
The Codex container is started with:
AGENT_VAULT_ADDR=http://agent-vault:14321
AGENT_VAULT_TOKEN=av_agt_...
AGENT_VAULT_VAULT=default
OPENAI_API_KEY=dummy-agent-visible-key
Command executed
agent-vault run -- codex exec --skip-git-repo-check \
'Reply exactly: docs agent vault run smoke ok'
--skip-git-repo-check is only needed because the repro runs from a throwaway non-git container directory.
Observed result
Codex returns the expected output:
docs agent vault run smoke ok
But stderr includes repeated Responses WebSocket failures before fallback succeeds:
agent-vault: routing HTTP/HTTPS through MITM proxy (agent-vault:14322)
agent-vault: Installed Agent Vault skills for Codex.
agent-vault: agent-vault connected. Starting codex...
OpenAI Codex v0.131.0
2026-05-20T17:57:11.151374Z ERROR codex_api::endpoint::responses_websocket: failed to connect to websocket: URL error: Proxy URL scheme not supported, url: wss://api.openai.com/v1/responses
Versions tested
agent-vault 0.21.0, commit fa888ca, built 2026-05-19T14:34:31Zcodex-cli 0.131.0
The same error also reproduced on agent-vault 0.15.0.
Other checks
| Case |
Result |
Node ws + HttpsProxyAgent through Agent Vault |
WSS opens successfully |
agent-vault run -- codex exec ... |
Codex succeeds through fallback, but Responses WebSocket logs Proxy URL scheme not supported |
| No proxy env |
Fails 401 because agent container only has dummy visible OpenAI key |
Plain http:// proxy URL |
Fails with HTTP CONNECT response missing status line |
Interpretation
Agent Vault's WSS MITM path works for a normal WebSocket client. The failure appears specific to Codex's Responses WebSocket transport rejecting the proxy URL before it reaches Agent Vault.
Summary
Codex runs in a separate agent container from Agent Vault. The agent container does not have the real OpenAI key; it only has a dummy
OPENAI_API_KEY. Agent Vault runs in its own container and injects the real credential through the proxy.Using the current Codex quickstart model,
agent-vault run -- codex ...starts Codex successfully and Codex eventually succeeds through HTTP fallback, but Codex's Responses WebSocket transport still fails first with:Setup
Two separate containers on the same Docker network:
agent-vaultcontainer:infisical/agent-vault:latest, exposes control API on14321and MITM proxy on14322.codex-agentcontainer:node:24-bookworm-slim, withcodex-cli 0.131.0and/usr/local/bin/agent-vaultcopied frominfisical/agent-vault:latest.The Codex container is started with:
Command executed
--skip-git-repo-checkis only needed because the repro runs from a throwaway non-git container directory.Observed result
Codex returns the expected output:
But stderr includes repeated Responses WebSocket failures before fallback succeeds:
Versions tested
agent-vault 0.21.0, commitfa888ca, built2026-05-19T14:34:31Zcodex-cli 0.131.0The same error also reproduced on
agent-vault 0.15.0.Other checks
ws+HttpsProxyAgentthrough Agent Vaultagent-vault run -- codex exec ...Proxy URL scheme not supportedhttp://proxy URLHTTP CONNECT response missing status lineInterpretation
Agent Vault's WSS MITM path works for a normal WebSocket client. The failure appears specific to Codex's Responses WebSocket transport rejecting the proxy URL before it reaches Agent Vault.