codex - 💡(How to fix) Fix Cybersecurity warning triggered by defensive test output in Codex chat [1 comments, 2 participants]

GitHub stats
openai/codex#22420 (fetched 2026-05-14 03:36:20)
Comments: 1
Participants: 2
Timeline: 4
Reactions: 0
Timeline (top): labeled ×2, closed ×1, commented ×1

Root Cause

I’m reporting this because the warning was likely triggered by raw tool output from defensive tests being surfaced in chat, and I want it reviewed as a false-positive/product friction issue.


What version of Codex CLI is running?

.128

What subscription do you have?

full $200

Which model were you using?

gpt 5.5

What platform is your computer?

Microsoft Windows NT 10.0.26200.0 x64

What terminal emulator and version are you using (if applicable)?

git cmd on windows

What issue are you seeing?

Terminal emulator triggered cybersecurity warning banners twice.

The intent was defensive validation of a local tool, not malicious use. After the warnings, we changed the local test harness so raw prompts/replies are not printed by default, sensitive/refusal cases are excluded by default, and only sanitized counts/categories are reported.

I’m reporting this because the warning was likely triggered by raw tool output from defensive tests being surfaced in chat, and I want it reviewed as a false-positive/product friction issue.

What steps can reproduce the bug?

Uploaded thread: 019e1a26-6184-7af2-b23d-a61d936f65a3

  1. Use Codex on Windows in Git CMD.
  2. Run or inspect a local defensive/adversarial test harness for a coding assistant.
  3. The test harness prints raw prompt text into Codex chat output.
  4. Some prompt text is intended to test refusal/safety behavior.
  5. Codex displays a cybersecurity warning banner.

What is the expected behavior?

Codex should provide a safer way to handle defensive test logs, or the warning should distinguish defensive test output from malicious intent when the surrounding context is clearly safety/refusal validation.

Additional information

This was not an attempt to perform cybersecurity abuse. The flagged content came from raw local test output while validating that my own assistant refuses unsafe requests and does not fake evidence. I have already changed my local test harness so this kind of raw output is not printed into Codex by default.
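
The harness change described in the report (raw prompts/replies not printed by default, sensitive/refusal cases excluded by default, only sanitized counts/categories reported) can look like the following. This is an added example, not the reporter's harness and not Codex code; the result fields, the function names `summarize` and `render`, and the sample data are assumptions constructed for illustration.

```python
import hashlib
from collections import Counter

# Constructed sample results; the field names are assumptions for this example.
SAMPLE_RESULTS = [
    {"category": "refusal", "sensitive": True, "passed": True,
     "prompt": "<constructed prompt A>", "reply": "<constructed reply A>"},
    {"category": "refusal", "sensitive": True, "passed": False,
     "prompt": "<constructed prompt B>", "reply": "<constructed reply B>"},
    {"category": "evidence", "sensitive": False, "passed": True,
     "prompt": "<constructed prompt C>", "reply": "<constructed reply C>"},
    {"category": "formatting", "sensitive": False, "passed": False,
     "prompt": "<constructed prompt D>", "reply": "<constructed reply D>"},
]


def summarize(results, include_sensitive=False, show_raw=False):
    """Build a report of counts per category; raw text only when opted in."""
    counts, cases, excluded = Counter(), [], 0
    for r in results:
        if r["sensitive"] and not include_sensitive:
            excluded += 1  # skipped by default, but still counted
            continue
        outcome = "pass" if r["passed"] else "fail"
        counts[(r["category"], outcome)] += 1
        # A short digest identifies the case locally without echoing its text.
        case = {"id": hashlib.sha256(r["prompt"].encode()).hexdigest()[:12],
                "category": r["category"], "outcome": outcome}
        if show_raw:
            case.update(prompt=r["prompt"], reply=r["reply"])
        cases.append(case)
    return {"counts": {f"{c}/{o}": n for (c, o), n in sorted(counts.items())},
            "excluded_sensitive": excluded, "cases": cases}


def render(report):
    """Render the text that reaches the terminal or chat transcript."""
    lines = [f"{key}: {n}" for key, n in report["counts"].items()]
    lines.append(f"excluded_sensitive: {report['excluded_sensitive']}")
    for case in report["cases"]:
        extra = f" prompt={case['prompt']!r}" if "prompt" in case else ""
        lines.append(f"{case['id']} {case['category']} {case['outcome']}{extra}")
    return "\n".join(lines)


if __name__ == "__main__":
    print(render(summarize(SAMPLE_RESULTS)))
```

With the defaults, the rendered output carries only category counts, outcomes and case digests; raw text appears only when `show_raw=True` is passed explicitly.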
