Windows sandbox refresh fails for most shell_command invocations before execution

[gazdeckir-sys]

What version of the Codex App are you using (From “About Codex” dialog)?

26.313.41514

What subscription do you have?

plus

What platform is your computer?

windows 11

What issue are you seeing?

On Windows, Codex desktop shell_command is failing before command execution for most commands with:

windows sandbox: setup refresh failed with status exit code: 1

This is not fixed by:

• stopping ambient shell use
• rebooting the PC
• restarting Codex
• starting a new thread

What I observed:

• Most commands fail before execution with the sandbox refresh error.
• git branch --show-current succeeds consistently.
• With default login behavior, that successful command sometimes also emits PowerShell CLIXML parse noise after the branch name.
• Setting login=false suppresses that CLIXML noise, but does not fix the main sandbox-refresh failure for other commands.

Commands that failed:

• Write-Output test
• Get-Date
• Get-ChildItem
• cmd /c ver
• pwsh -NoProfile -Command "Write-Output test"
• powershell -NoProfile -Command "Write-Output test"
• git status --short
• git rev-parse --show-toplevel
• git diff --name-only
• git --version

Commands that succeeded:

• git branch --show-current
• git branch --show-current with workdir="D:\Projects\ai_agent"
• git branch --show-current with login=false

Example failure returned by Codex:
execution error: Io(Custom { kind: Other, error: "windows sandbox: setup refresh failed with status exit code: 1" })

Example success:

• command: git branch --show-current
• output: codex/initial-documented-exportable-state

Additional output seen on the successful command when login-shell behavior was used:

Import-Clixml: 'Text' is an invalid XmlNodeType...
InvalidOperation: Index operation failed...
Import-Clixml: The 'En' start tag ... does not match the end tag of 'Objs'...


### What steps can reproduce the bug?

1. Open Codex desktop on Windows.
2. Start a normal thread in any workspace. I reproduced this in `D:\Projects\ai_agent`.
3. Ask Codex to run a simple shell command through the shell tool, for example:
   - `Write-Output test`
   - `Get-Date`
   - `Get-ChildItem`
   - `git status --short`
4. Observe that the command does not execute and instead fails with:
   `windows sandbox: setup refresh failed with status exit code: 1`
5. Retry with other simple commands, including explicit no-profile shells:
   - `pwsh -NoProfile -Command "Write-Output test"`
   - `powershell -NoProfile -Command "Write-Output test"`
   - `cmd /c ver`
   These also fail with the same sandbox refresh error.
6. Run `git branch --show-current`.
7. Observe that this command succeeds and returns the current branch name.
8. Optionally run the same command with login-shell behavior enabled vs disabled:
   - default login behavior: command succeeds, but may emit extra `Import-Clixml` / CLIXML parse noise
   - `login=false`: command still succeeds and the CLIXML noise is suppressed

Expected result:
- Simple shell commands should execute normally.

Actual result:
- Most commands fail before execution with `windows sandbox: setup refresh failed with status exit code: 1`
- `git branch --show-current` is a notable exception and succeeds consistently

Notes:
- Rebooting Windows, restarting Codex, stopping ambient shell usage, and starting a new thread did not resolve it.
- There may be a second issue where PowerShell login/profile output corrupts structured shell I/O, but that appears separate from the main sandbox refresh failure.


### What is the expected behavior?

Codex desktop should be able to execute normal shell commands on Windows through `shell_command` without failing during sandbox setup.

Expected behavior:
- Simple commands like `Write-Output test`, `Get-Date`, `Get-ChildItem`, and standard git commands like `git status --short` should run normally.
- If a command fails, the failure should come from the command itself, with normal exit code and output, not from a sandbox bootstrap error before execution.
- PowerShell login-shell startup should not emit extra output that breaks Codex’s structured shell I/O.


### Additional information

A few extra details that may help narrow this down:

- I reproduced this after rebooting Windows, restarting Codex, stopping ambient shell usage, and starting a fresh thread.
- The issue appears to happen before command execution, not inside the command itself.
- `git branch --show-current` is a consistent exception and succeeds, which suggests the shell path is not completely dead.
- With default login-shell behavior, that successful command sometimes emits extra CLIXML-related errors such as `Import-Clixml`, which may indicate PowerShell profile/startup output is interfering with structured shell communication.
- Setting `login=false` suppresses that CLIXML noise, but most other commands still fail with the same sandbox refresh error.
- Because explicit `-NoProfile` commands also fail, the PowerShell profile noise looks like a secondary issue, not the main cause of the sandbox-refresh failure.
- This blocks normal repo inspection and agent workflows in the desktop app on this machine.

[github-actions]

Potential duplicates detected. Please review them and close your issue if it is a duplicate.

• windows sandbox: setup refresh failed with status exit code: 1 #14409
• Windows sandbox sets incorrect ACLs when creating new folders, causing issues with apply_patch #14585
• Windows Codex App: All automation tasks fail with exit code 1 (echo/dir produce no output) #14423

Powered by Codex Action