codex - 💡(How to fix) Fix False positive cybersecurity-risk warning in benign Codex conversations

What version of Codex CLI is running?

0.128.0

What subscription do you have?

Pro

Which model were you using?

gpt-5.5

What platform is your computer?

Windows 10 x64

What terminal emulator and version are you using (if applicable)?

PowerShell

What issue are you seeing?

Codex repeatedly shows the warning:

“Your conversations have multiple flags for possible cybersecurity risk. Responses may take longer because extra safety checks are on. To get authorized for security work, join the Trusted Access for Cyber program.”

This happens in benign, non-cybersecurity conversations. For example, it appeared in a conversation about a computer game / business simulation and a sales-section document, and also in a new chat where the first prompt was only about whether Codex keeps a work log / lab journal.

The affected work is ordinary documentation, project workflow, business/game-design discussion, logging/journal notes, and writing/editing. It does not involve cybersecurity work, penetration testing, exploit development, malware, credential access, network scanning, unauthorized systems, or evasion.

The warning appears unrelated to the actual task and seems to be a false positive, possibly triggered at the account or multi-conversation level rather than by the current request.

What steps can reproduce the bug?

Uploaded thread: 019dfe17-07ac-7081-a0f3-aa0a0fafccd4

1. Open a new Codex conversation.
2. Send a benign prompt such as: “Do you keep a work log / lab journal for this task?”
3. Alternatively, continue a benign conversation about a computer game / business simulation, sales-section wording, business risks, mitigation language, documentation structure, or project logs.
4. Observe that Codex displays the cybersecurity-risk warning even though the conversation contains no cybersecurity task or request.

What is the expected behavior?

Codex should not show cybersecurity-risk warnings or apply extra cyber-safety latency to clearly benign conversations about documentation, project logs, business/game-design writing, or ordinary software/project workflow.

If a safety warning is shown, it should be tied to the actual current request and provide clearer information about what category of content triggered it, so users can distinguish real policy issues from false positives.

Additional information

This appears to be a persistent false positive. The warning is shown across unrelated Codex conversations, including benign documentation, logging, project-management, and business/game-design tasks.

Some of the terms involved may be ambiguous in isolation, such as “risk”, “mitigation”, “logs”, “agents”, “attack by competitor”, or “work journal”, but in these conversations they are used in ordinary business, game-design, project-management, or software-development contexts, not in cybersecurity contexts.

The issue causes unnecessary latency and makes Codex harder to use for normal authorized work. Please review the flag, recalibrate the classifier, and avoid treating benign business/project terminology as cybersecurity risk by itself.