A way to exclude sensitive files issue still open for OpenAI Codex
Points and comments are a snapshot, not live.
Article body wasn't reachable. The HN discussion summary is below.
Points and comments are a snapshot, not live.
Article body wasn't reachable. The HN discussion summary is below.
What commenters are saying
Most commenters argue the security boundary belongs at the OS level, not in Codex, and that file permissions or containerization already solve the problem. One camp points out that AI agents may try alternative access methods, like reading from git history, so a user-facing ignore mechanism would still be useful. A few note that a true solution is hard because the agent uses bash tools, not just read/edit tools, and can invoke commands like 'rg foo' that incidentally include file contents in tool output.