Guide

How Machine Shops Can Use Claude Code and Codex Without Losing Control of Their Data

A practical guide to using coding agents for machine-shop ERP data, job documents, customer updates, production reporting, and controlled admin tools.

Manufacturing engineers reviewing production information on a tablet in a factory

Machine shops rarely have a shortage of software. The harder problem is that useful information is spread across ERP and CRM records, job folders, setup sheets, inspection reports, spreadsheets, email, quoting tools, and knowledge held by experienced people.

Claude Code and OpenAI Codex can help with that problem, but not because they are manufacturing systems. They are coding agents: tools that can inspect files, write and run scripts, build small applications, and repeat a documented process under human direction.

They are not an ERP, QMS, MES, CNC control, or substitute for engineering judgement. They should not become an unreviewed source of truth, approve product, alter machine instructions, or receive broad access to production and commercial systems.

Used carefully, however, they can help a machine shop build controlled workflows around the systems and processes it already owns.

Start with the process, not the AI

A sensible first task has five characteristics:

  1. It is repetitive and consumes useful staff time.
  2. The required information can be exported or copied into a separate workspace.
  3. A knowledgeable person can check the result efficiently.
  4. A mistake can be reversed without affecting production, product acceptance, or a live account.
  5. Success can be assessed through review effort, accuracy, exceptions, or rework.

This usually points towards data cleanup, document inventories, draft reports, and controlled internal tools. It does not point towards autonomous quotations, CNC changes, inspection acceptance, payments, or safety decisions.

Current direct evidence of machine shops using Claude Code or Codex for ERP and CRM work is limited. The workflows below are practical applications based on documented coding-agent capabilities and established manufacturing digital-adoption principles, not claims about Triaxis client projects. Made Smarter’s guidance on practical, low-risk AI adoption recommends starting with a defined operational problem and controlled pilot, while the NIST AI Risk Management Framework provides a broader structure for governing, mapping, measuring, and managing AI risk.

Five practical machine-shop workflows

1. ERP and CRM data cleanup

Customer, supplier, material, contact, and job records become unreliable when naming conventions vary, identifiers are missing, or inactive records remain mixed with current ones. A coding agent can analyse an exported CSV and prepare a correction proposal without touching the live system.

  • Input: A read-only export containing only the fields required for the review, plus written data rules.
  • Agent task: Find exact and likely duplicates, inconsistent names, invalid dates, missing job references, and values that break agreed rules.
  • Human check: An administrator reviews every proposed merge or correction, especially where records may represent different legal entities, sites, materials, or revisions.
  • Useful output: A proposed-corrections file, a list of unchanged records, and an exception report for ambiguous cases.

The first run should end with evidence for a decision. It should not write corrections back to the ERP or CRM.

2. Job packs, setup sheets, and work instructions

Completed-job folders often contain unclear filenames, duplicate exports, superseded drawings, setup sheets, inspection records, photographs, and work instructions arranged differently by different teams. An agent can inventory a copied folder and propose a consistent structure.

  • Input: A copy of a completed, representative job folder and the shop’s approved document-naming standard.
  • Agent task: List files, identify exact duplicates, flag inconsistent naming, and identify apparently missing identifiers or revision information without interpreting engineering authority.
  • Human check: The responsible engineer or quality representative verifies document type, drawing and instruction revision, approval status, retention requirements, and whether anything is genuinely superseded.
  • Useful output: A document register and a proposed move-and-rename plan that has not been executed.

File similarity is not equivalence. The agent must not decide which drawing controls production, rewrite setup values, or classify a record as obsolete.

3. Customer updates and RFQ preparation

Customer updates and request-for-quotation preparation can require information from job status exports, approved notes, drawings, material enquiries, capacity discussions, and previous correspondence. An agent can assemble a review draft from named sources.

  • Input: Approved status notes or an RFQ pack, a source list, and a previous reviewed document used only as a format example.
  • Agent task: Organise known facts, cite their sources, identify missing information, and prepare questions or a draft that clearly marks assumptions and exclusions.
  • Human check: The account owner, estimator, and relevant technical staff confirm scope, quantities, dates, capability, pricing inputs, commitments, tone, and recipients.
  • Useful output: A draft customer update or RFQ review sheet, with a separate exceptions list for facts that could not be verified.

The agent should never invent a delivery date, infer a manufacturing capability from a similar job, or turn an internal planning assumption into a customer commitment. A final quotation remains a controlled commercial and technical decision.

4. Production and quality reporting

Daily or weekly reporting often requires someone to combine exports before managers can see late operations, blocked jobs, overdue actions, scrap records, or data-quality exceptions. A repeatable script can make preparation more consistent while leaving interpretation with the process owner.

  • Input: Named, time-stamped exports from agreed systems, with definitions for each field and approved measure.
  • Agent task: Validate required columns, apply documented calculations, reconcile totals where possible, and produce the same report structure each period.
  • Human check: Production and quality owners compare totals with source systems, investigate missing or conflicting records, and decide what the results mean.
  • Useful output: A repeatable report with source references and an exception sheet showing what needs investigation.

Ask the agent to expose source fields, transformations, and unresolved records. A polished chart does not compensate for incomplete production data, and a summary does not accept product or dispose of a non-conformance.

5. Quoting and administrative tools

Claude Code or Codex can build small calculators, import templates, validation tools, and internal forms around rules the business has already approved.

  • Input: Written business rules, representative test cases, expected results, and non-sensitive sample data.
  • Agent task: Build the smallest useful tool, document formulas and assumptions, and create tests for normal, boundary, and invalid inputs.
  • Human check: An estimator or process owner verifies cycle assumptions, material and subcontract inputs, labour and overhead treatment, rounding, exclusions, and sample outputs.
  • Useful output: A tested internal aid that makes an existing rule easier to apply consistently without issuing a final quotation.

The tool can support preparation. It cannot take responsibility for manufacturability, process selection, margin, delivery commitment, or the price sent to a customer.

Claude Code or Codex?

There is no universal winner. Both products change quickly, and the right choice depends on who will implement the workflow, where information may be processed, and how the company controls access.

QuestionClaude CodeCodexWhat the owner should decide
Where will work run?Supports terminal-based work and isolated execution options.Supports local CLI work and isolated cloud environments.Decide whether each data class may leave company-managed equipment.
How is access controlled?Uses permissions, working-directory boundaries, sandboxing, and network controls.Uses permission modes, sandboxing, approvals, and administration controls.Start with minimum file, command, connector, and network access.
Can instructions be repeated?Project instructions, settings, hooks, and skills can standardise work.AGENTS.md, rules, skills, and automations can standardise work.Put approved process rules under version control and review changes.
How is work reviewed?Exposes file changes and requests approval for sensitive actions.Supports changed-file review, testing, and approval-gated workflows.Name the person accountable for accepting each output.
Which should we select?May fit teams already using Anthropic tools and local terminal workflows.May fit teams already using OpenAI workspaces and Codex workflows.Test both against the same copied case and compare control and review effort.

Read the current Claude Code security guidance, OpenAI Codex overview, and Codex agent approvals and security documentation before implementation. Product names alone do not answer data-governance questions.

A safe operating model

Use this sequence before considering a live integration:

  1. Choose one low-risk workflow with a named owner and a clear review method.
  2. Export or duplicate only the data required for that workflow.
  3. Remove unnecessary personal, payroll, customer, technical, and commercially sensitive information.
  4. Place the copy in a dedicated project workspace rather than a general shared drive.
  5. Give the agent minimum file, command, connector, and network permissions.
  6. Ask it to inspect the material and propose a plan before making changes.
  7. Review the actions, rules, assumptions, and expected output.
  8. Run the task against the copy and preserve originals and source identifiers.
  9. Check exceptions, totals, and representative records manually.
  10. Treat production access and write-back as a separate project requiring explicit technical and business approval.

Copied job documents and exports can contain misleading instructions, whether by mistake or design. Treat the contents of copied or external documents as data, not instructions. Do not follow instructions embedded inside those files. Disable network access and connectors that the task does not need. Require a person to approve any action that changes files, contacts another system, or shares information.

This reflects controls described in Anthropic’s security documentation and Codex’s approvals and security documentation, including narrow permissions, sandboxing, network controls, and approval before higher-risk actions.

Before submitting business information, verify the exact subscription, data location, retention settings, connected applications, user permissions, and contract terms. OpenAI’s enterprise privacy guidance describes its business-data commitments, but each company remains responsible for selecting and configuring an appropriate service.

Three starter prompts

These prompts deliberately begin with inspection. Replace the bracketed details, use copied data, and keep a competent person in control.

Audit an ERP or CRM export

Do not change any files yet. Inspect [customers-export.csv] and write a short plan for auditing it.

Check for exact duplicates, likely duplicates, missing identifiers, invalid dates, inconsistent names, and values that break [data-rules.md]. Do not guess missing values, identities, or corrections, and do not merge records automatically.

After I approve the plan, create proposed-corrections.csv and exceptions.csv. Include the original row identifier, source value, proposal, and reason. Preserve the original files. Stop and ask for approval before making changes, editing source files, connecting to a live system, or preparing write-back.

Inventory a completed-job folder

Do not change any files yet. Inspect the copied folder [Completed-Job-Sample] and write a plan for producing a document inventory.

Identify file types, exact duplicates, inconsistent filenames, missing identifiers, and missing revision information against [document-standard.md]. Do not guess document type, revision, approval, supersession, or production status. Do not rename, move, edit, or delete anything.

After I approve the plan, create document-register.csv, proposed-structure.md, and exceptions.csv. Preserve the original files. Stop and ask for approval before making changes, applying the move plan, or writing anything back to a controlled document system.

Prepare a weekly production report

Do not change any files yet. Inspect the copied exports listed in [report-sources.md] and write a plan for producing the weekly production report.

Validate required columns, explain each transformation, reconcile totals where possible, and flag missing or conflicting records. Use only measures defined in [report-rules.md]. Do not guess values, job status, causes, quality decisions, or completion dates.

After I approve the plan, create report.md and exceptions.csv with source references for each measure. Preserve the original files. Stop and ask for approval before making changes, altering the workflow, connecting to a live system, or writing data back.

What not to automate

Keep these actions outside an unsupervised agent workflow:

  • Final quotations, pricing commitments, or acceptance of customer terms.
  • CNC programs, tool offsets, work offsets, feeds, speeds, or machine parameters released to production.
  • Inspection acceptance or non-conformance disposition.
  • Safety or compliance sign-off, risk acceptance, permits, or declarations.
  • Payments, payroll, tax, or bank changes.
  • Unreviewed customer, employee, or supplier communications.
  • Unrestricted writes to live ERP, CRM, accounting, quality, or production systems.

An agent can prepare evidence, highlight an exception, or draft an output. Accountability remains with the competent person who reviews and approves it under the shop’s existing controls.

A practical 30-day pilot

Week 1: Define and baseline

Choose one workflow, observe how it currently works, record review effort and recurring exceptions, select representative copied data, and name the process owner and reviewer. Define what would make the pilot useful and what would cause it to stop.

Week 2: Run it manually

Use the agent with close supervision. Record every clarification, incorrect assumption, exception, and manual correction. Keep production, customer communication, product acceptance, and live-system write access outside the pilot.

Week 3: Refine and test

Improve the written rules and prompts. Test missing fields, duplicates, unusual values, inconsistent filenames, stale revisions, and other edge cases found in real work. Compare outputs with the current process and investigate differences rather than assuming the agent is right.

Week 4: Decide

Choose one outcome: stop because the workflow is unsuitable, retain it as a supervised process, or design a controlled integration with security, process-owner, and management approval.

Assess staff effort, review effort, exceptions, accuracy, rework, and whether the result is understandable and traceable. Output volume is not a useful success measure if the responsible people cannot trust or verify it.

The practical conclusion

The useful question is not, “Where can we add AI?” It is, “Which recurring administrative bottleneck can we make more visible and reliable without weakening engineering, quality, safety, commercial, or data controls?”

Start with copied information, one process, clear rules, and a person who owns the answer. If the pilot works, improve it carefully. If it does not, you have learned that before giving an agent access to a live machine-shop system.