codex-gpt stores ChatGPT/Codex login state locally. Treat the data directory as sensitive.

Do not share or commit:

• ~/.codex-gpt/accounts/*.auth.json
• ~/.codex-gpt/shared/.codex/auth.json
• any copied .codex directory
• terminal logs that may contain account metadata

The repository .gitignore blocks common credential paths, but you remain responsible for checking commits before publishing.

Use this tool only with accounts you own or are authorized to use. You are responsible for following the OpenAI and Codex terms that apply to your accounts.

For public repositories, report security issues using GitHub private security advisories when enabled. Otherwise, contact the maintainer privately before posting credential-handling issues publicly.