OpenAI Codex Lacks File Exclusion Controls for Sensitive Credentials
June 28, 2026
An open GitHub issue on the OpenAI Codex repo requests a .codexignore mechanism to prevent the agent from reading or transmitting sensitive files like .env, .pem, and .ssh credentials. The feature is unimplemented, meaning teams using Codex in repos with secrets currently have no deterministic, shareable way to prevent credential exposure to the model.
HOW THIS AFFECTS YOU
● builder: Until this is resolved, avoid running Codex in repos containing secrets or credentials without manual safeguards, as there is no built-in exclusion mechanism.
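
One possible manual safeguard, as an added example that is not part of the original page and not a Codex feature: a pre-flight scan that lists credential-like files in a working tree so a wrapper script can refuse to start the agent. The patterns beyond .env, .pem and .ssh, and the names find_sensitive and looks_like_private_key, are assumptions of this example.

```python
import fnmatch
import os
import sys

# Assumed pattern set: the page names .env, .pem and .ssh; the remaining
# globs are this example's choice, not a Codex or .codexignore format.
NAME_GLOBS = [".env", ".env.*", "*.pem", "id_rsa", "id_ed25519"]
DIR_NAMES = {".ssh"}          # every file under these directories is flagged
SKIP_DIRS = {".git"}          # repository metadata, not working-tree content
PEM_MARKER = b"PRIVATE KEY-----"


def looks_like_private_key(path, limit=4096):
    """True if the start of a regular file contains a PEM private-key header."""
    if not os.path.isfile(path):
        return False
    try:
        with open(path, "rb") as fh:
            return PEM_MARKER in fh.read(limit)
    except OSError:
        return False


def find_sensitive(root):
    """Return sorted relative paths of credential-like files under root."""
    hits = set()
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d not in SKIP_DIRS]
        rel_dir = os.path.relpath(dirpath, root)
        in_sensitive_dir = any(p in DIR_NAMES for p in rel_dir.split(os.sep))
        for name in filenames:
            full = os.path.join(dirpath, name)
            by_name = any(fnmatch.fnmatch(name, g) for g in NAME_GLOBS)
            # Content check catches keys stored under unrelated file names.
            if in_sensitive_dir or by_name or looks_like_private_key(full):
                hits.add(os.path.normpath(os.path.join(rel_dir, name)))
    return sorted(hits)


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    found = find_sensitive(root)
    for path in found:
        print("sensitive:", path)
    # Non-zero exit lets a wrapper script refuse to start the agent.
    sys.exit(1 if found else 0)
```

The scan only reports files; it does not restrict what a running agent can read, so flagged files still have to be moved out of the tree or the agent run elsewhere.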