pub fn build_codex_command(args: &CodexSpawnArgs<'_>) -> CommandExpand description
Builds the codex exec command with the canonical hardening flags.
G31 + OAuth-only hardening (v1.0.69, mandated by gaps.md lines 41-49):
the command ALWAYS uses the OAuth auth.json flow. The flag set is
the canonical one documented in gaps.md Fix A:
codex exec \
-c mcp_servers='{}' \
--json --output-schema <SCHEMA> \
--ephemeral \
--skip-git-repo-check \
--sandbox read-only \
--ignore-user-config \
--ignore-rules \
--ask-for-approval never \
-m <MODEL> \
-The combination zeroes MCP servers (via two complementary mechanisms:
the inline -c mcp_servers='{}' override AND --ignore-user-config),
disables user-defined rules, and never asks for interactive approval.
OPENAI_API_KEY is FORBIDDEN in the spawned environment (gaps.md:48).
OAuth flows via ~/.codex/auth.json and CODEX_ACCESS_TOKEN only.