OpenAI Codex Still Can't Exclude Sensitive Files — A Real Problem
Daily Signal 1 min read

OpenAI Codex has an unresolved issue around excluding sensitive files — a gap that matters for any dev shipping real products with AI agents.

The signal: An open GitHub issue flagging Codex’s inability to reliably exclude sensitive files from its context remains unresolved, and it’s drawing real community attention.

Why it matters: If you’re running Codex in any environment with credentials, secrets, or proprietary logic, you have no clean mechanism to fence it off — that’s not a minor UX gap, that’s a trust boundary problem. Builders shipping agentic coding workflows need deterministic control over what the model sees, full stop.

The pattern I’m watching: Every major AI coding tool is racing on capability while access controls and context boundaries lag behind — Claude Code, Cursor, Codex, all of them. The “I used Claude to read my MRI” story trending today is a different flavor of the same dynamic: people are pushing these tools into sensitive domains faster than the guardrails are being built.

What I’d do with this: Before wiring any AI coding agent into a real codebase, manually audit what’s in context scope and use .gitignore-style exclusions at the infrastructure level, not the tool level. Don’t wait for OpenAI to close the issue — treat context hygiene as your responsibility, not theirs.
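
One way to do the audit and the exclusion outside the tool, as an added example that is not code from this post or from OpenAI: list what an agent pointed at a directory could read, then stage a filtered copy and expose only that copy to the agent. The deny list, the function names and the simplified gitignore-style matching are assumptions for illustration.

```python
import fnmatch
import os
import shutil
import tempfile

# Hypothetical deny list: simplified gitignore-style globs (no negation, no "**").
DENY = [".env", ".env.*", "*.pem", "*.key", "id_rsa*", "*.tfstate", "secrets/", ".aws/", ".git/"]

def is_denied(rel, patterns=DENY):
    """Match file globs against every path component, 'name/' against directories only."""
    parts = rel.split("/")
    for pat in patterns:
        scope = parts[:-1] if pat.endswith("/") else parts
        if any(fnmatch.fnmatch(p, pat.rstrip("/")) for p in scope):
            return True
    return False

def _files(root):
    """Yield (relative posix path, absolute path) for every file entry under root."""
    for dirpath, _dirs, names in os.walk(root):  # does not descend into symlinked dirs
        for name in names:
            full = os.path.join(dirpath, name)
            yield os.path.relpath(full, root).replace(os.sep, "/"), full

def audit_scope(root, patterns=DENY):
    """Files an agent pointed at root could read but should not (symlinked files included)."""
    return sorted(r for r, f in _files(root) if is_denied(r, patterns) or os.path.islink(f))

def stage_workspace(src, dst, patterns=DENY):
    """Copy only allowed regular files to dst; the agent is given dst, never src."""
    blocked, copied = set(audit_scope(src, patterns)), []
    for rel, full in _files(src):
        if rel in blocked:
            continue
        target = os.path.join(dst, rel)
        os.makedirs(os.path.dirname(target), exist_ok=True)
        shutil.copyfile(full, target)
        copied.append(rel)
    return sorted(copied)

def demo():
    """Run against a constructed tree; returns (flagged, staged)."""
    src, dst = tempfile.mkdtemp(), tempfile.mkdtemp()
    for rel in ["app/main.py", ".env", "deploy/prod.key", "secrets/db.txt", "README.md"]:
        os.makedirs(os.path.dirname(os.path.join(src, rel)), exist_ok=True)
        open(os.path.join(src, rel), "w").close()
    return audit_scope(src), stage_workspace(src, dst)
```

Because the filtered copy is the only directory mounted into the agent's sandbox or container, the exclusion holds regardless of how the tool itself handles ignore files.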