What variant of Codex are you using?
App, IDE Extension
What feature would you like to see?
Currently, the allowed keys for [shell_environment_policy] do not allow including an env variable that was not already included by, say, inherit="core".
Please add a new include / allowlist capability to shell_environment_policy so Codex can inherit only a minimal base environment plus explicitly permitted variables. Variable names are custom and will vary, so this must support prefix/glob and/or regex patterns.
Examples:
```toml
[shell_environment_policy]
inherit = "core"
include = ["MYAPP_*", "CI_*"]        # prefix/glob
# or:
include_regex = ["^MYAPP_", "^CI_"]  # regex
```
Also helpful:
```toml
[shell_environment_policy]
inherit = "none"
include = ["MYAPP_*", "CI_*"]
# (or include_regex = [...])
```
Meaning: with inherit="none", only the allowlisted vars are passed.
Additional information
Acceptance criteria:
Only base (core or none) + matched vars are visible to Codex and spawned tools (VS Code extension + Codex app, and ideally CLI for consistency).
Deterministic and auditable; supports empty include (pure core-only / none-only).
Clear precedence if an exclude option is also present.
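To make the requested semantics concrete, here is an added Python sketch of the filtering step (this is illustration written for this page, not Codex's own implementation, which is not shown here). It builds a base set from inherit, adds variables matched by include globs or include_regex patterns on top, and lets an exclude list take precedence so that a broad glob cannot reintroduce a secret. The CORE_VARS set, the "all" spelling for full inheritance, the exclude-wins precedence, and the SAMPLE_ENV values are all assumptions made for the example.

```python
import fnmatch
import re

# Assumed stand-in for the "core" base set; the real Codex core set is not
# specified on this page.
CORE_VARS = {"HOME", "PATH", "USER", "SHELL", "LANG", "TMPDIR"}

# Constructed sample environment (values are placeholders, not real secrets).
SAMPLE_ENV = {
    "HOME": "/home/dev",
    "PATH": "/usr/bin:/bin",
    "SHELL": "/bin/bash",
    "EDITOR": "vim",
    "MYAPP_DB_URL": "postgres://db.internal/app",
    "MYAPP_API_KEY": "placeholder-app-key",
    "CI_JOB_ID": "42",
    "CI_TOKEN": "placeholder-ci-token",
    "AWS_SECRET_ACCESS_KEY": "placeholder-aws-secret",
}


def decide(env, inherit="core", include=(), include_regex=(), exclude=()):
    """Return {name: reason} for every variable in `env`.

    Reasons explain why a variable is kept or dropped, so the result can be
    logged for audit. Precedence (assumed): exclude > include > base.
    """
    if inherit == "all":          # assumed name for "full inherit"
        base = set(env)
    elif inherit == "core":
        base = {k for k in env if k in CORE_VARS}
    elif inherit == "none":
        base = set()
    else:
        raise ValueError(f"unknown inherit mode: {inherit!r}")

    patterns = [re.compile(p) for p in include_regex]
    verdicts = {}
    for name in sorted(env):      # sorted => deterministic output order
        if any(fnmatch.fnmatchcase(name, g) for g in exclude):
            verdicts[name] = "dropped: matched exclude"
        elif name in base:
            verdicts[name] = f"kept: in inherit={inherit} base"
        elif any(fnmatch.fnmatchcase(name, g) for g in include):
            verdicts[name] = "kept: matched include glob"
        elif any(p.search(name) for p in patterns):
            verdicts[name] = "kept: matched include_regex"
        else:
            verdicts[name] = "dropped: not in base or allowlist"
    return verdicts


def filter_env(env, **policy):
    """Return only the variables a spawned tool should see."""
    verdicts = decide(env, **policy)
    return {k: env[k] for k, why in verdicts.items() if why.startswith("kept")}


if __name__ == "__main__":
    policy = dict(inherit="core", include=["MYAPP_*", "CI_*"], exclude=["*_TOKEN"])
    for name, why in decide(SAMPLE_ENV, **policy).items():
        print(f"{name:24} {why}")
```

Running the block prints one audit line per variable: the core entries and the MYAPP_*/CI_* matches are kept, CI_TOKEN is dropped by the exclude glob despite matching CI_*, and unrelated entries such as AWS_SECRET_ACCESS_KEY and EDITOR never reach the tool.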
Business impact:
Without this, users must choose between “too locked down to work” and “full inherit that risks leaking unrelated secrets,” which blocks compliant environments.