A way to exclude sensitive files issue still open for OpenAI Codex
github.com
June 28, 2026
1 min read
🔥🔥🔥🔥🔥
53/100
Summary
A mechanism is proposed to mark sensitive files or paths that should not be read or sent to the model, applicable at both repository and global levels. This feature aims to enhance privacy and security in AI interactions with code.
Key Takeaways
- A feature is proposed to allow users to mark specific files or paths that should not be read or sent to the model, applicable at both repository and global levels.
- The suggested implementation includes a repo-local .codexignore file and a global ignore file to manage sensitive data and large irrelevant files.
- The configuration for this feature should be deterministic, shareable across teams, and support user defaults.
- Previous discussions on similar features were closed in favor of a Rust implementation, but no comparable feature currently exists in codex-rs as of August 2025.
Community Sentiment
Positives
- Running Codex in a container or using Unix permissions effectively prevents sensitive file access, emphasizing the importance of security measures in AI applications.
- The client-server architecture of Codex allows for effective remote agent harnessing, enhancing its usability in secure environments.
- Creating a dedicated workspace VM for Codex can isolate sensitive data, ensuring that coding agents operate within defined security boundaries.
Concerns
- Implementing a blocklist for sensitive files in Codex is unlikely to be effective, as it may provide a false sense of security against the unpredictable nature of AI.
- The suggestion that Codex should enforce file access restrictions places security responsibilities incorrectly, as users should manage permissions themselves.
- Users express concerns that Codex's unpredictable behavior could lead to unintended access to sensitive files, highlighting the need for robust sandboxing solutions.