1. Log retention
   Ship sessions/*.jsonl and codex-tui.log to S3 or GCS. Retain at least 30 days.
2. Two-person rule
   Use of approval_policy=never should require a separate PR reviewer before merge or deploy.
3. Alert on bypass
   Send Slack or email notifications when --dangerously-bypass-approvals-and-sandbox is used.
4. Least privilege
   Pin sandbox_permissions per command. Avoid permanent danger-full-access defaults.
Anti-patterns
- --dangerously-bypass... on production hosts
- Hardcoded API keys in prompts
- danger-full-access with bulk delete
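One way to implement the "Alert on bypass" control and flag the first anti-pattern, shown as an added example that is not code from this page or from the Codex project. It assumes a process-execution feed with one "<time> <host> <user> <command line>" record per line and production hostnames starting with "prod-"; the feed format, the sample records and the function names are all constructed for illustration.

```python
import json
import shlex

BYPASS_FLAG = "--dangerously-bypass-approvals-and-sandbox"
PROD_PREFIX = "prod-"  # assumption: production hosts follow this naming scheme
# Exact-token rules, so a flag merely mentioned inside a quoted prompt is ignored.
RULES = {
    "bypass": lambda t: t == BYPASS_FLAG,
    "approval-never": lambda t: t == "approval_policy=never",
    "full-access": lambda t: t == "danger-full-access" or t.endswith("=danger-full-access"),
}
# Constructed sample feed: "<time> <host> <user> <command line>".
SAMPLE_EVENTS = """\
2025-01-10T09:12:03Z build-07 alice codex "summarise the failing tests"
2025-01-10T09:40:51Z prod-db-01 deploy codex --dangerously-bypass-approvals-and-sandbox "clean tmp"
2025-01-10T10:02:17Z build-07 bob codex -c approval_policy=never "bump deps"
2025-01-10T10:05:44Z build-07 bob codex "explain what --dangerously-bypass-approvals-and-sandbox does"
2025-01-10T10:30:00Z build-07 carol /usr/local/bin/codex --dangerously-bypass-approvals-and-sandbox "run tests"
"""

def scan(events_text):
    """Return one finding per (event, rule), for codex invocations only."""
    findings = []
    for line in events_text.splitlines():
        if line.count(" ") < 3:
            continue  # blank or malformed record
        ts, host, user, cmdline = line.split(" ", 3)
        try:
            argv = shlex.split(cmdline)
        except ValueError:  # unbalanced quotes: fall back to a plain split
            argv = cmdline.split()
        if not argv or argv[0].rsplit("/", 1)[-1] != "codex":
            continue
        for rule, hit in RULES.items():
            if any(hit(tok) for tok in argv[1:]):
                sev = "review"  # needs a second reviewer, not a page
                if rule == "bypass":
                    sev = "critical" if host.startswith(PROD_PREFIX) else "high"
                findings.append({"time": ts, "host": host, "user": user, "rule": rule, "severity": sev})
    return findings

def slack_payload(finding):
    """JSON body for a Slack incoming webhook; sending it is left to the caller."""
    text = "[{severity}] codex {rule} by {user} on {host} at {time}".format(**finding)
    return json.dumps({"text": text})

if __name__ == "__main__":
    for f in scan(SAMPLE_EVENTS):
        if f["rule"] == "bypass":
            print(slack_payload(f))
```

Matching whole argv tokens rather than substrings keeps the fourth sample record, where the flag only appears inside a prompt, from raising an alert.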