add ArmorCodex (security plugin for Codex) (#140)

- README entry under Community Plugins → Tools & Integrations
- Plugin bundle at plugins/armoriq/armorCodex/ with .codex-plugin/plugin.json + assets/icon.png

ArmorCodex provides intent-based security enforcement for OpenAI Codex:
MCP-based plan registration, policy-based tool gating, CSRG cryptographic
proofs, and audit logging on Bash and apply_patch.

Repo: https://github.com/armoriq/armorCodex
Closes armoriq/armorCodex#1.

Author: Harihara04sudhan

README.md

@@ -174,6 +174,7 @@ Third-party plugins built by the community. [PRs welcome](#contributing)!
 - [Agent Message Queue](https://github.com/avivsinai/agent-message-queue) - File-based inter-agent messaging with co-op mode, cross-project federation, and orchestrator integrations.
 - [Agent Vision](https://github.com/zfifteen/agent-vision) - macOS-only local camera plugin for explicit snapshots, streaming controls, and file-backed image input.
 - [Apple Productivity](https://github.com/matk0shub/apple-productivity-mcp) - Local Apple Calendar and Reminders tooling for macOS with Codex plugin adapters.
+- [ArmorCodex](https://github.com/armoriq/armorCodex) - Intent-based security for Codex with MCP plan registration, policy gating, CSRG cryptographic proofs, and audit logging on Bash and apply_patch.
 - [AxonFlow](https://github.com/getaxonflow/axonflow-codex-plugin) - Runtime governance for Codex with policy enforcement on terminal commands, advisory checks for non-terminal tools via skills, PII/secret detection, and compliance-grade audit trails. Self-hosted via Docker.
 - [Bitbucket CLI](https://github.com/avivsinai/bitbucket-cli) - Manage Bitbucket repos, PRs, branches, issues, webhooks, and pipelines for Data Center and Cloud.
 - [Call-E](https://github.com/CALLE-AI/call-e-integrations) - Plan, run, and inspect Call-E phone call workflows from Codex through the calle CLI.

plugins/armoriq/armorCodex/.codex-plugin/plugin.json

@@ -0,0 +1,75 @@
+{
+  "name": "armorcodex",
+  "version": "0.2.0",
+  "description": "ArmorIQ intent-based security enforcement for Codex: Bash command guardrails with intent verification, optional CSRG cryptographic proofs, and audit logging. Codex hooks currently fire for Bash, apply_patch, and MCP tool calls; non-Bash file/web activity may need supplemental controls. See CODEX_HARNESS_LIMITATIONS.md.",
+  "author": {
+    "name": "ArmorIQ",
+    "email": "license@armoriq.io",
+    "url": "https://armoriq.ai"
+  },
+  "homepage": "https://armoriq.ai",
+  "repository": "https://github.com/armoriq/armorCodex",
+  "license": "MIT",
+  "keywords": [
+    "security",
+    "policy",
+    "audit",
+    "intent",
+    "armoriq",
+    "mcp",
+    "hooks"
+  ],
+  "hooks": "./.codex/hooks.json",
+  "mcpServers": "./.mcp.json",
+  "interface": {
+    "displayName": "ArmorCodex",
+    "shortDescription": "Intent-based security policy and audit for Codex.",
+    "longDescription": "ArmorIQ intent-based security enforcement for OpenAI Codex. Treat as a strong Bash guardrail and audit layer, not a complete boundary for every Codex capability. Codex hooks currently emit Bash, apply_patch, and MCP tool calls. ArmorCodex provides plan registration through MCP, intent-plan matching, permission gating, and post-run audit on those tools. Non-Bash activity (file edits, web search, app connectors) is gated where Codex emits hook events.",
+    "developerName": "ArmorIQ",
+    "category": "Security",
+    "capabilities": ["MCP", "Hooks"],
+    "websiteURL": "https://armoriq.ai",
+    "privacyPolicyURL": "https://armoriq.ai/privacy",
+    "termsOfServiceURL": "https://armoriq.ai/terms",
+    "brandColor": "#00E5CC",
+    "composerIcon": "./assets/icon.png",
+    "logo": "./assets/icon.png",
+    "defaultPrompt": [
+      "Register an intent plan, then run my Bash commands.",
+      "Show the current ArmorCodex security policies.",
+      "Block Bash commands that contain curl or wget."
+    ]
+  },
+  "userConfig": {
+    "api_key": {
+      "type": "string",
+      "title": "ArmorIQ API Key",
+      "description": "Your ArmorIQ API key (get one at https://armoriq.ai). Leave blank to run in local-only mode without backend audit/intent.",
+      "sensitive": true
+    },
+    "mode": {
+      "type": "string",
+      "title": "Enforcement Mode",
+      "description": "enforce = block on policy/intent failures (recommended). monitor = log only, never block.",
+      "sensitive": false
+    },
+    "intent_required": {
+      "type": "boolean",
+      "title": "Require Intent Plan",
+      "description": "When true, every Bash command must be backed by a registered intent plan (Codex hooks currently only intercept Bash). Disable for advisory-only use.",
+      "sensitive": false
+    },
+    "crypto_policy_enabled": {
+      "type": "boolean",
+      "title": "Enable Crypto Policy Binding",
+      "description": "Bind policy rules to a Merkle tree so post-issuance tampering is detected.",
+      "sensitive": false
+    },
+    "use_production": {
+      "type": "boolean",
+      "title": "Use Production Endpoints",
+      "description": "When true, talks to ArmorIQ production. When false, expects a local backend on 127.0.0.1.",
+      "sensitive": false
+    }
+  }
+}