• Category: Agentic coding
  • Status: discussion
  • Sources: GitHub issue openai/codex#2847, HN discussion
  • Summary: A long-open OpenAI Codex enhancement request, "A way to exclude sensitive files" (opened 2025-08-28, labeled enhancement and sandbox, 84 comments, still open), resurfaced on Hacker News on 2026-06-28. The request asks for a mechanism to keep files such as .env and credential stores out of the set the coding agent can read, so secrets do not enter the agent context or get sent to the model. No resolution had shipped at run time.
  • Why it matters: Coding agents read repository files by default, and the absence of a first-class exclude mechanism leaves secret-hygiene to ad hoc sandboxing, a recurring practitioner concern as agent adoption grows.
  • Follow-up: Watch for a built-in ignore or exclude feature in Codex and whether other agents standardize a sensitive-file boundary.

Send feedback on this story