A way to exclude sensitive files issue still open for OpenAI Codex

OpenAI Codex developers are actively discussing a feature that would allow users to explicitly exclude sensitive files from being read or transmitted to the model, but no such feature has been implemented as of August 2025.

The discussion originated from a feature request on Hacker News, where users proposed a mechanism to mark files or paths that should not be accessed by Codex, such as environment files, private keys, or other sensitive data. The goal is to enable deterministic, shareable configurations that prevent accidental exposure of confidential information.

The issue was previously closed in favor of a Rust-based implementation, known as codex-rs, which aims to address some of these concerns. However, as of late August 2025, no comparable feature or configuration option appears to exist within codex-rs or the main Codex codebase. The developers have not announced a timeline for implementing such a feature, and the discussion remains open.

Potential Impact on Privacy and Security in AI Development

This development is significant because it directly pertains to the security and privacy risks associated with AI code generation tools. Without a reliable way to exclude sensitive files, users risk inadvertently sharing confidential information with the model, which could lead to data leaks or security breaches. The proposed feature would help developers maintain control over what data is exposed, fostering safer AI deployment in sensitive environments.

Background of Sensitive Data Handling in AI Code Tools

OpenAI Codex has been widely used for code generation and assistance, raising concerns about how it handles sensitive data stored in repositories. Prior to this discussion, there have been instances where models inadvertently accessed or transmitted private files, prompting calls for more granular control mechanisms. The issue on Hacker News reflects ongoing community interest in establishing clear, shareable configurations to prevent such exposure.

The original feature request suggested a repository-local .codexignore file, similar to .gitignore, and a global ignore list, to specify files or directories that should never be read or sent. Although the issue was closed in favor of a Rust implementation, the lack of a current solution leaves a gap in managing sensitive data securely.

“Developers need a deterministic way to prevent sensitive files from being read or transmitted, ideally through shareable configuration files.”

— an anonymous researcher

Unclear Timeline and Implementation Status of the Feature

It is not yet clear when or if OpenAI will implement a native feature for excluding sensitive files in Codex. The discussion remains open, and no official roadmap or timeline has been announced. The current absence of such a feature in codex-rs suggests that the development is still in early or planning stages, and the community awaits further updates.

Synology Virtual DSM License, 1 Pack

Each Virtual DSM License Pack adds one virtual DSM instance to virtual machine Manager

AmazonView Latest Price

As an affiliate, we earn on qualifying purchases.

As an affiliate, we earn on qualifying purchases.

Next Steps in Developing Sensitive File Exclusion Features

OpenAI developers are expected to revisit the discussion and potentially prioritize this feature based on community feedback. Future updates may include formal proposals, prototypes, or releases of configuration options. Meanwhile, users and developers are encouraged to monitor GitHub issues and community channels for progress.

Key Questions

Will OpenAI Codex include a built-in feature to exclude sensitive files?

It is currently under discussion, but no official plans or timelines have been announced as of August 2025.

What are the risks of not having such a feature?

Without a reliable exclusion mechanism, there is a risk of accidentally sharing sensitive data, which could lead to privacy breaches or security vulnerabilities.

How are developers currently managing sensitive data with Codex?

Most rely on manual practices or custom configurations, but these are not deterministic or easily shareable, which is why the community advocates for a formal solution.

Is the Rust implementation (codex-rs) expected to include this feature?

As of late August 2025, no comparable feature has been observed in codex-rs, and its development status remains unclear.

What should users do in the meantime to protect sensitive data?

Users should manually exclude sensitive files from their repositories or avoid transmitting confidential data when using Codex, until an official feature is available.

Source: Hacker News