https://simonwillison.net/2025/Jun/3/codex-agent-internet-access/#atom-everything
What are the risks of internet access? Unsurprisingly, it’s prompt injection and exfiltration attacks. From the new documentation:
Enabling internet access exposes your environment to security risks
These include prompt injection, exfiltration of code or secrets, inclusion of malware or vulnerabilities, or use of content with license restrictions. To mitigate risks, only allow necessary domains and methods, and always review Codex’s outputs and work log.
Simon Willison’s documented the prompt injection concerns for a while. So does Alex Komoroske on his bits and bobs.
Related:
have something to add, leave a reply