mirror of
https://github.com/openai/codex.git
synced 2026-05-04 05:11:37 +03:00
0bb438bca6
## Summary 1. Add a Security Boundaries section to `SECURITY.md`. 2. Point readers to the Codex Agent approvals and security documentation for sandboxing, approvals, and network controls. ## Validation 1. Reviewed the `SECURITY.md` diff in a clean worktree. 2. No tests run. Docs only change.
18 lines
923 B
Markdown
18 lines
923 B
Markdown
# Security Policy
|
|
|
|
Thank you for helping us keep Codex secure!
|
|
|
|
## Reporting Security Issues
|
|
|
|
The security is essential to OpenAI's mission. We appreciate the work of security researchers acting in good faith to identify and responsibly report potential vulnerabilities, helping us maintain strong privacy and security standards for our users and technology.
|
|
|
|
Our security program is managed through Bugcrowd, and we ask that any validated vulnerabilities be reported via the [Bugcrowd program](https://bugcrowd.com/engagements/openai).
|
|
|
|
## Vulnerability Disclosure Program
|
|
|
|
Our Vulnerability Program Guidelines are defined on our [Bugcrowd program page](https://bugcrowd.com/engagements/openai).
|
|
|
|
## How to operate CODEX safely
|
|
|
|
For details on Codex security boundaries, including sandboxing, approvals, and network controls, see [Agent approvals & security](https://developers.openai.com/codex/agent-approvals-security).
|