A developer has reopened discussion around adding file exclusion capabilities to OpenAI Codex, proposing a .codexignore mechanism similar to .gitignore. The feature would prevent agents from reading or transmitting sensitive files like .env configurations, PEM certificates, and SSH keys to the model. This addresses security concerns around accidental credential exposure in AI-assisted coding workflows.

The request targets both repository-level and global ignore configurations, enabling teams to define deterministic rules that sync across projects. Use cases include keeping node_modules searchable while blocking environment files and cloud credentials. The proposal emphasizes shareable configuration over informal documentation conventions.

Previously closed issue #205 identified similar needs but was redirected toward a Rust implementation called codex-rs. However, as of late August 2025, this exclusion feature remains absent from the Rust version, leaving a gap in security controls for enterprise adoption.

The contributor has volunteered to implement and test the solution, suggesting community interest in hardening AI coding tools for production use. Without explicit file filtering, organizations risk exposing secrets through automated code review and completion features.