CodexOpsStudio is currently an active prototype. Security fixes will be handled on a best-effort basis.
Please do not open public issues for security-sensitive problems.
Instead:
- use GitHub private reporting if available
- include reproduction details
- include affected files or commands
- describe whether the issue can impact credentials, Git state, or local file safety
Important areas for responsible reporting:
- command execution boundaries
- Git worktree isolation
- Codex CLI process orchestration
- unsafe file operations
- GitHub publishing actions
- path handling for non-ASCII and user-selected repositories