From 17edbd49f18c24b5152031f794c48d5680e14ffd Mon Sep 17 00:00:00 2001 From: lmbagley Date: Fri, 12 Jun 2026 08:00:59 -0700 Subject: [PATCH] Fix CrossVendorAudit codex invocation: non-git PAI dirs and OpenAI env overrides Two failure modes in invokeCodex(): 1. codex exec refuses to run when the working directory is not a git repository ('Not inside a trusted directory'), so the cross-vendor audit always returns skipped on installs that persist the PAI directory by means other than git. Pass --skip-git-repo-check. 2. The spawned codex process inherits the parent environment, and codex's auth precedence puts OPENAI_API_KEY / OPENAI_BASE_URL above ~/.codex/auth.json and config.toml. A stray key in the parent shell silently flips the audit from the user's configured codex auth (e.g. ChatGPT subscription) to direct API billing. Scrub both vars from the child env. Verified live on a non-git PAI install: audit runs end-to-end and persists a structured verdict where it previously logged 'skipped: codex exit 1'. --- .../.claude/PAI/TOOLS/CrossVendorAudit.ts | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/Releases/v5.0.0/.claude/PAI/TOOLS/CrossVendorAudit.ts b/Releases/v5.0.0/.claude/PAI/TOOLS/CrossVendorAudit.ts index 2d8b087ec..e5ad042de 100644 --- a/Releases/v5.0.0/.claude/PAI/TOOLS/CrossVendorAudit.ts +++ b/Releases/v5.0.0/.claude/PAI/TOOLS/CrossVendorAudit.ts @@ -189,10 +189,24 @@ function assembleBundle(isa: string, artifacts: string, toolTail: string, adviso function invokeCodex(bundle: string): Promise<{ stdout: string; stderr: string; code: number | null }> { return new Promise((resolvePromise) => { + // --skip-git-repo-check: the PAI directory is not always a git repository + // (some installs persist it by other means), and codex exec refuses to run + // from a non-git working directory without this flag. + // Env scrub: codex's auth precedence puts OPENAI_API_KEY / OPENAI_BASE_URL + // above ~/.codex/auth.json and config.toml, so a stray key in the parent + // shell silently flips the audit from the user's configured codex auth + // (e.g. ChatGPT subscription) to direct API billing. Only scrub when a + // configured auth file exists — users who authenticate codex solely via + // OPENAI_API_KEY keep working unchanged. + const env = { ...process.env }; + if (existsSync(join(HOME, ".codex", "auth.json"))) { + delete env.OPENAI_API_KEY; + delete env.OPENAI_BASE_URL; + } const proc = spawn( CODEX_BIN, - ["exec", "--sandbox", "read-only", "--model", "gpt-5.4", "-"], - { stdio: ["pipe", "pipe", "pipe"] } + ["exec", "--sandbox", "read-only", "--skip-git-repo-check", "--model", "gpt-5.4", "-"], + { stdio: ["pipe", "pipe", "pipe"], env } ); let stdout = ""; let stderr = "";