HeadlinesBriefing favicon HeadlinesBriefing.com

Codex CLI MultiAgentV2 Encryption Removes Audit Trail

Hacker News •
×

PR #26210 (Encrypt multi-agent v2 message payloads, merged 2026-06-05) introduced a regression in Codex CLI versions post-0.137.0 with MultiAgentV2 enabled. The change marks the model-facing `message` parameter as encrypted, storing only `Inter Agent Communication.encrypted_content` while leaving `Inter Agent Communication.content` empty. While encrypted delivery improves privacy, it removes human-readable task/message text from local rollout history, trace reduction, and parent-side audit/debug surfaces.

Users cannot answer basic questions: what task did a `spawn_agent` call give the child agent? What message was sent to a subagent? Why did a child thread exist when reviewing a rollout? This differs from #26753, which reports request validation failures for encrypted tool schemas; this issue concerns auditability after encrypted schema acceptance.

To reproduce: use a build with #26210 and MultiAgentV2 enabled, call `spawn_agent`, `send_message`, or `followup_task`, then inspect parent rollout/history/trace — content is hidden behind ciphertext.

Expected behavior: preserve a human-readable, structured audit copy of subagent task/message while allowing encrypted delivery. A separate non-encrypted audit field should persist in rollout/history/trace metadata for inspection without decrypting model-delivery ciphertext.