Fix CrossVendorAudit codex invocation: non-git PAI dirs and OpenAI env overrides

lmbagley · lmbagley · commit 02b005edba1f · 2026-06-12T08:00:59.000-07:00
Two failure modes in invokeCodex():

1. codex exec refuses to run when the working directory is not a git
   repository ('Not inside a trusted directory'), so the cross-vendor
   audit always returns skipped on installs that persist the PAI
   directory by means other than git. Pass --skip-git-repo-check.

2. The spawned codex process inherits the parent environment, and
   codex's auth precedence puts OPENAI_API_KEY / OPENAI_BASE_URL above
   ~/.codex/auth.json and config.toml. A stray key in the parent shell
   silently flips the audit from the user's configured codex auth
   (e.g. ChatGPT subscription) to direct API billing. Scrub both vars
   from the child env.

Verified live on a non-git PAI install: audit runs end-to-end and
persists a structured verdict where it previously logged
'skipped: codex exit 1'.
diff --git a/Releases/v5.0.0/.claude/PAI/TOOLS/CrossVendorAudit.ts b/Releases/v5.0.0/.claude/PAI/TOOLS/CrossVendorAudit.ts
@@ -189,10 +189,20 @@ function assembleBundle(isa: string, artifacts: string, toolTail: string, adviso
 
 function invokeCodex(bundle: string): Promise<{ stdout: string; stderr: string; code: number | null }> {
   return new Promise((resolvePromise) => {
+    // --skip-git-repo-check: the PAI directory is not always a git repository
+    // (some installs persist it by other means), and codex exec refuses to run
+    // from a non-git working directory without this flag.
+    // Env scrub: codex's auth precedence puts OPENAI_API_KEY / OPENAI_BASE_URL
+    // above ~/.codex/auth.json and config.toml, so a stray key in the parent
+    // shell silently flips the audit from the user's configured codex auth
+    // (e.g. ChatGPT subscription) to direct API billing.
+    const env = { ...process.env };
+    delete env.OPENAI_API_KEY;
+    delete env.OPENAI_BASE_URL;
     const proc = spawn(
       CODEX_BIN,
-      ["exec", "--sandbox", "read-only", "--model", "gpt-5.4", "-"],
-      { stdio: ["pipe", "pipe", "pipe"] }
+      ["exec", "--sandbox", "read-only", "--skip-git-repo-check", "--model", "gpt-5.4", "-"],
+      { stdio: ["pipe", "pipe", "pipe"], env }
     );
     let stdout = "";
     let stderr = "";
