I see a lot of knee-jerk comments to this, but I highly recommend running a scan ( https://openai.com/daybreak/codex-security-plugin/#codex-cli ) in your projects so you can evaluate it yourself. It found a real security issue in a project of mine, with very few false-positives.

Its built-in resume mechanism didn't work after it crashed when running out of my 5 hour session limit, but Claude Code was easily able to resume it 5 hours later reading the session logs and https://openai.com/codex/security/scan.sh