A way to exclude sensitive files issue still open for OpenAI Codex

220 points · 136 comments on HN · read original →

Points and comments are a snapshot, not live.

Article body wasn't reachable. The HN discussion summary is below.

What commenters are saying

Most commenters argue the security boundary belongs at the OS level, not in Codex, and that file permissions or containerization already solve the problem. One camp points out that AI agents may try alternative access methods, like reading from git history, so a user-facing ignore mechanism would still be useful. A few note that a true solution is hard because the agent uses bash tools, not just read/edit tools, and can invoke commands like 'rg foo' that incidentally include file contents in tool output.