@nerviq/cli 0.9.0-beta.2 → 0.9.1

package/src/codex/techniques.js

@@ -1012,6 +1012,345 @@ function pluginConfigIssue(ctx) {
   }
 }
 
+function primaryDocsPath(ctx) {
+  return agentsPath(ctx) || (ctx.fileContent('README.md') ? 'README.md' : null);
+}
+
+function webSearchModeRelevant(ctx) {
+  const config = ctx.configToml();
+  if (!config.ok || !config.data) return false;
+
+  const profiles = config.data.profiles && typeof config.data.profiles === 'object'
+    ? Object.values(config.data.profiles)
+    : [];
+  if (config.data.web_search !== undefined || profiles.some((profile) => profile && typeof profile === 'object' && profile.web_search !== undefined)) {
+    return true;
+  }
+
+  const docs = docsBundle(ctx);
+  const workflowUsesSearch = workflowArtifacts(ctx).some((workflow) => /\s--search\b|\bweb_search\b/i.test(workflow.content));
+  return workflowUsesSearch || /\s--search\b|\bweb_search\b|\blive search\b|\bcached search\b/i.test(docs);
+}
+
+function webSearchModeIssue(ctx) {
+  const config = ctx.configToml();
+  if (!config.ok || !config.data) return null;
+
+  const validModes = new Set(['cached', 'live', 'disabled']);
+  const docs = docsBundle(ctx);
+  const searchHintPresent = workflowArtifacts(ctx).some((workflow) => /\s--search\b|\bweb_search\b/i.test(workflow.content)) ||
+    /\s--search\b|\bweb_search\b|\blive search\b|\bcached search\b/i.test(docs);
+  const rootSearch = config.data.web_search;
+  const rootEffort = config.data.model_reasoning_effort;
+  const profiles = config.data.profiles && typeof config.data.profiles === 'object' ? config.data.profiles : {};
+
+  if (rootSearch !== undefined && !validModes.has(`${rootSearch}`)) {
+    return { filePath: '.codex/config.toml', line: configKeyLine(ctx, 'web_search') || 1 };
+  }
+
+  if (rootEffort === 'minimal' && ((typeof rootSearch === 'string' && rootSearch !== 'disabled') || (rootSearch === undefined && searchHintPresent))) {
+    return {
+      filePath: '.codex/config.toml',
+      line: configKeyLine(ctx, 'model_reasoning_effort') || configKeyLine(ctx, 'web_search') || 1,
+    };
+  }
+
+  for (const [name, profile] of Object.entries(profiles)) {
+    if (!profile || typeof profile !== 'object') continue;
+    if (profile.web_search !== undefined && !validModes.has(`${profile.web_search}`)) {
+      return {
+        filePath: '.codex/config.toml',
+        line: configSectionKeyLine(ctx, `profiles.${name}`, 'web_search') ||
+          (configSections(ctx).find((section) => section.section === `profiles.${name}`) || {}).line ||
+          1,
+      };
+    }
+
+    const effectiveSearch = profile.web_search !== undefined ? profile.web_search : rootSearch;
+    if (profile.model_reasoning_effort === 'minimal' &&
+      ((typeof effectiveSearch === 'string' && effectiveSearch !== 'disabled') || (effectiveSearch === undefined && searchHintPresent))) {
+      return {
+        filePath: '.codex/config.toml',
+        line: configSectionKeyLine(ctx, `profiles.${name}`, 'model_reasoning_effort') ||
+          configSectionKeyLine(ctx, `profiles.${name}`, 'web_search') ||
+          configKeyLine(ctx, 'web_search') ||
+          (configSections(ctx).find((section) => section.section === `profiles.${name}`) || {}).line ||
+          1,
+      };
+    }
+  }
+
+  return null;
+}
+
+function requirementsTomlIssue(ctx) {
+  const content = ctx.fileContent('requirements.toml');
+  if (!content) return null;
+
+  const hasMeaningfulContent = content.split(/\r?\n/).some((line) => {
+    const trimmed = line.trim();
+    return trimmed && !trimmed.startsWith('#');
+  });
+  if (!hasMeaningfulContent) {
+    return { filePath: 'requirements.toml', line: 1 };
+  }
+
+  const docs = docsBundle(ctx);
+  const acknowledged = /\brequirements\.toml\b|\badmin[- ]enforced\b|\bmanaged configuration\b|\bmanaged\b/i.test(docs);
+  return acknowledged ? null : { filePath: primaryDocsPath(ctx) || 'requirements.toml', line: 1 };
+}
+
+function sharedOrManagedMachineSignals(ctx) {
+  const docs = docsBundle(ctx);
+  return Boolean(ctx.fileContent('requirements.toml')) ||
+    /\bshared\b|\bmanaged\b|\badmin[- ]enforced\b|\bmulti-user\b|\benterprise\b|\bkiosk\b|\bvdi\b/i.test(docs);
+}
+
+function authCredentialsStoreIssue(ctx) {
+  if (!ctx.fileContent('.codex/config.toml')) return null;
+  if (!sharedOrManagedMachineSignals(ctx)) return null;
+
+  const value = ctx.configValue('cli_auth_credentials_store');
+  if (value === undefined) {
+    return { filePath: '.codex/config.toml', line: configKeyLine(ctx, 'cli_auth_credentials_store') || 1 };
+  }
+
+  return ['auto', 'file', 'keyring'].includes(`${value}`)
+    ? null
+    : { filePath: '.codex/config.toml', line: configKeyLine(ctx, 'cli_auth_credentials_store') || 1 };
+}
+
+function protectedPathAssumptionRelevant(ctx) {
+  return ctx.configValue('sandbox_mode') === 'workspace-write' && /\.(git|codex|agents)\b/i.test(docsBundle(ctx));
+}
+
+function protectedPathAssumptionIssue(ctx) {
+  if (!protectedPathAssumptionRelevant(ctx)) return null;
+
+  const docs = docsBundle(ctx);
+  const riskyPattern = /\.(git|codex|agents)\b[\s\S]{0,120}\b(edit|modify|write|delete|remove|patch|update|commit)\b/i;
+  const safePattern = /\.(git|codex|agents)\b[\s\S]{0,120}\b(read-only|read only|protected|not writable|cannot (?:be )?(?:edited|modified|written)|blocked)\b/i;
+  if (safePattern.test(docs)) return null;
+  if (!riskyPattern.test(docs)) return null;
+
+  return {
+    filePath: primaryDocsPath(ctx) || '.codex/config.toml',
+    line: firstLineMatching(docs, /\.(git|codex|agents)\b/i) || 1,
+  };
+}
+
+function mcpHttpAuthAndCallbackRelevant(ctx) {
+  if (!projectScopedMcpPresent(ctx)) return false;
+  const servers = projectMcpServers(ctx);
+  const hasRemoteHeaderAuth = Object.values(servers || {}).some((server) => server && server.url && (server.env_http_headers || server.http_headers));
+  return hasRemoteHeaderAuth ||
+    typeof ctx.configValue('mcp_oauth_callback_port') === 'number' ||
+    Boolean(ctx.configValue('mcp_oauth_callback_url'));
+}
+
+function mcpHttpAuthAndCallbackIssue(ctx) {
+  const docs = docsBundle(ctx);
+  const callbackPort = ctx.configValue('mcp_oauth_callback_port');
+  const callbackUrl = ctx.configValue('mcp_oauth_callback_url');
+
+  if ((typeof callbackPort === 'number' || callbackUrl) && !/\boauth\b|\bcallback\b|\bredirect\b|\bloopback\b/i.test(docs)) {
+    return {
+      filePath: '.codex/config.toml',
+      line: configKeyLine(ctx, 'mcp_oauth_callback_url') || configKeyLine(ctx, 'mcp_oauth_callback_port') || 1,
+    };
+  }
+
+  for (const [id, server] of Object.entries(projectMcpServers(ctx))) {
+    if (!server || !server.url) continue;
+    if (!(server.env_http_headers || server.http_headers)) continue;
+
+    const hasDocNote = new RegExp(`\\b${escapeRegex(id)}\\b[\\s\\S]{0,180}\\b(header|oauth|callback|auth|token)\\b`, 'i').test(docs);
+    if (!hasDocNote) {
+      return {
+        filePath: '.codex/config.toml',
+        line: configSectionKeyLine(ctx, `mcp_servers.${id}`, 'env_http_headers') ||
+          configSectionKeyLine(ctx, `mcp_servers.${id}`, 'http_headers') ||
+          (configSections(ctx).find((section) => section.section === `mcp_servers.${id}`) || {}).line ||
+          1,
+      };
+    }
+  }
+
+  return null;
+}
+
+function batchStyleSubagentFlowPresent(ctx) {
+  const files = ctx.customAgentFiles ? ctx.customAgentFiles() : [];
+  const csvPattern = /\bspawn_agents_on_csv\b|\breport_agent_job_result\b|\boutput_csv_path\b|\boutput_schema\b|\bmax_concurrency\b|\bmax_runtime_seconds\b/i;
+  return files.some((fileName) => {
+    const content = ctx.fileContent(path.join('.codex', 'agents', fileName)) || '';
+    return csvPattern.test(content);
+  });
+}
+
+function csvBatchAgentIssue(ctx) {
+  const files = ctx.customAgentFiles ? ctx.customAgentFiles() : [];
+  const csvPattern = /\bspawn_agents_on_csv\b|\breport_agent_job_result\b|\boutput_csv_path\b|\boutput_schema\b|\bmax_concurrency\b|\bmax_runtime_seconds\b/i;
+
+  for (const fileName of files) {
+    const content = ctx.fileContent(path.join('.codex', 'agents', fileName)) || '';
+    if (!csvPattern.test(content)) continue;
+    if (typeof ctx.configValue('agents.job_max_runtime_seconds') === 'number') return null;
+    return {
+      filePath: '.codex/config.toml',
+      line: configSectionKeyLine(ctx, 'agents', 'job_max_runtime_seconds') || 1,
+    };
+  }
+
+  return null;
+}
+
+function nicknameCandidatesIssue(ctx) {
+  const files = ctx.customAgentFiles ? ctx.customAgentFiles() : [];
+  const seen = new Map();
+
+  for (const fileName of files) {
+    const parsed = ctx.customAgentConfig(fileName);
+    if (!parsed.ok || !parsed.data) {
+      return { filePath: `.codex/agents/${fileName}`, line: 1 };
+    }
+
+    const candidates = parsed.data.nickname_candidates;
+    if (candidates === undefined) continue;
+    if (!Array.isArray(candidates) || candidates.length === 0) {
+      const content = ctx.fileContent(path.join('.codex', 'agents', fileName)) || '';
+      return {
+        filePath: `.codex/agents/${fileName}`,
+        line: firstLineMatching(content, /^\s*nickname_candidates\s*=/i) || 1,
+      };
+    }
+
+    const localSeen = new Set();
+    for (const candidate of candidates) {
+      const normalized = typeof candidate === 'string' ? candidate.trim() : '';
+      const canonical = normalized.toLowerCase();
+      if (!normalized || !/^[A-Za-z0-9 _-]+$/.test(normalized) || localSeen.has(canonical) || seen.has(canonical)) {
+        const content = ctx.fileContent(path.join('.codex', 'agents', fileName)) || '';
+        return {
+          filePath: `.codex/agents/${fileName}`,
+          line: firstLineMatching(content, /^\s*nickname_candidates\s*=/i) || 1,
+        };
+      }
+      localSeen.add(canonical);
+      seen.set(canonical, fileName);
+    }
+  }
+
+  return null;
+}
+
+function nativeWindowsConfigRelevant(ctx) {
+  return configSections(ctx).some((section) => section.section === 'windows') ||
+    /\bnative windows\b|\bwindows sandbox\b|\bprivate desktop\b/i.test(docsBundle(ctx));
+}
+
+function windowsSandboxModeIssue(ctx) {
+  if (!nativeWindowsConfigRelevant(ctx)) return null;
+
+  const value = ctx.configValue('windows.sandbox');
+  if (value === undefined) {
+    return {
+      filePath: '.codex/config.toml',
+      line: configSectionKeyLine(ctx, 'windows', 'sandbox') ||
+        (configSections(ctx).find((section) => section.section === 'windows') || {}).line ||
+        1,
+    };
+  }
+
+  return ['elevated', 'unelevated'].includes(`${value}`)
+    ? null
+    : {
+      filePath: '.codex/config.toml',
+      line: configSectionKeyLine(ctx, 'windows', 'sandbox') ||
+        (configSections(ctx).find((section) => section.section === 'windows') || {}).line ||
+        1,
+    };
+}
+
+function appAutomationRelevant(ctx) {
+  return /\bautomations?\b|\btriage inbox\b|\bbackground tasks?\b/i.test(docsBundle(ctx));
+}
+
+function automationAppRunningIssue(ctx) {
+  if (!appAutomationRelevant(ctx)) return null;
+
+  const docs = docsBundle(ctx);
+  const acknowledged = /\bapp needs to be running\b|\bkeep the app running\b|\bCodex app\b[\s\S]{0,80}\brunning\b|\bselected project\b[\s\S]{0,80}\bon disk\b/i.test(docs);
+  return acknowledged
+    ? null
+    : {
+      filePath: primaryDocsPath(ctx) || 'README.md',
+      line: firstLineMatching(docs, /\bautomations?\b|\btriage inbox\b|\bbackground tasks?\b/i) || 1,
+    };
+}
+
+function codexActionPromptSourceIssue(ctx) {
+  for (const workflow of workflowArtifacts(ctx)) {
+    if (!/uses:\s*openai\/codex-action@/i.test(workflow.content)) continue;
+
+    const hasPrompt = /^\s*prompt\s*:/im.test(workflow.content);
+    const hasPromptFile = /^\s*prompt-file\s*:/im.test(workflow.content);
+    if (hasPrompt && hasPromptFile) {
+      return {
+        filePath: workflow.filePath,
+        line: firstLineMatching(workflow.content, /^\s*prompt(?:-file)?\s*:/im) || 1,
+      };
+    }
+
+    if (!hasPrompt && !hasPromptFile) {
+      return {
+        filePath: workflow.filePath,
+        line: firstLineMatching(workflow.content, /uses:\s*openai\/codex-action@/i) || 1,
+      };
+    }
+  }
+
+  return null;
+}
+
+function codexActionTriggerAllowlistIssue(ctx) {
+  for (const workflow of workflowArtifacts(ctx)) {
+    if (!/uses:\s*openai\/codex-action@/i.test(workflow.content)) continue;
+
+    const triggerLine = firstLineMatching(workflow.content, /\bissue_comment\b|\bpull_request_target\b|\bpull_request_review_comment\b|\bdiscussion_comment\b/i);
+    if (!triggerLine) continue;
+
+    const hasAllowUsers = /^\s*allow-users\s*:/im.test(workflow.content);
+    const hasAllowBots = /^\s*allow-bots\s*:/im.test(workflow.content);
+    if (!hasAllowUsers && !hasAllowBots) {
+      return { filePath: workflow.filePath, line: triggerLine };
+    }
+  }
+
+  return null;
+}
+
+function codexActionExternalTriggersPresent(ctx) {
+  return workflowArtifacts(ctx).some((workflow) =>
+    /uses:\s*openai\/codex-action@/i.test(workflow.content) &&
+    /\bissue_comment\b|\bpull_request_target\b|\bpull_request_review_comment\b|\bdiscussion_comment\b/i.test(workflow.content));
+}
+
+function desktopProjectMcpCaveatIssue(ctx) {
+  if (!projectScopedMcpPresent(ctx)) return null;
+
+  const docs = docsBundle(ctx);
+  if (!/\bdesktop\b|\bide\b|\bextension\b/i.test(docs)) return null;
+
+  const caveated = /\btrusted project\b|\btrust\b|\brepo-local\b|\bproject-scoped\b|\bglobal config\b|\buser-global\b|\bmay be ignored\b/i.test(docs);
+  return caveated
+    ? null
+    : {
+      filePath: primaryDocsPath(ctx) || '.codex/config.toml',
+      line: firstLineMatching(docs, /\bdesktop\b|\bide\b|\bextension\b/i) || 1,
+    };
+}
+
 const CODEX_TECHNIQUES = {
   codexAgentsMd: {
     id: 'CX-A01',
@@ -1203,7 +1542,7 @@ const CODEX_TECHNIQUES = {
     impact: 'low',
     rating: 3,
     category: 'config',
-    fix: 'Set `model_reasoning_effort` explicitly so Codex reasoning depth is intentional instead of implicit.',
+    fix: 'Set `model_reasoning_effort` explicitly only when the repo needs a non-default reasoning posture; this setting is optional, and minimal effort should stay compatible with any `web_search` usage.',
     template: 'codex-config',
     file: () => '.codex/config.toml',
     line: (ctx) => configKeyLine(ctx, 'model_reasoning_effort'),
@@ -1211,14 +1550,17 @@ const CODEX_TECHNIQUES = {
   codexWeakModelExplicit: {
     id: 'CX-B04',
     name: 'Weak-task delegation model is explicit',
-    check: (ctx) => Boolean(ctx.configValue('model_for_weak_tasks')),
+    check: () => {
+      // Retired: config key removed from official schema as of 2026-04-05
+      return null;
+    },
     impact: 'medium',
     rating: 4,
     category: 'config',
-    fix: 'Set `model_for_weak_tasks` explicitly so Codex delegation is predictable and cost-aware.',
-    template: 'codex-config',
-    file: () => '.codex/config.toml',
-    line: (ctx) => configKeyLine(ctx, 'model_for_weak_tasks'),
+    fix: '`model_for_weak_tasks` was removed from the official Codex config schema as of 2026-04-05. This check is retired and no repo change is required.',
+    template: null,
+    file: () => null,
+    line: () => null,
   },
   codexConfigSectionPlacement: {
     id: 'CX-B05',
@@ -1285,7 +1627,7 @@ const CODEX_TECHNIQUES = {
     impact: 'low',
     rating: 3,
     category: 'config',
-    fix: 'If you define Codex profiles, make sure each profile contains real settings and any selected `profile` points to an existing profile section.',
+    fix: 'Profiles are an advanced feature, not a baseline requirement. If you use them, make sure each profile contains real settings and any selected `profile` points to an existing profile section.',
     template: null,
     file: () => '.codex/config.toml',
     line: (ctx) => configKeyLine(ctx, 'profile') || (profileSections(ctx)[0] || {}).line || null,
@@ -1293,14 +1635,80 @@ const CODEX_TECHNIQUES = {
   codexFullAutoErrorModeExplicit: {
     id: 'CX-B09',
     name: 'full_auto_error_mode is explicit',
-    check: (ctx) => Boolean(ctx.configValue('full_auto_error_mode')),
+    check: () => {
+      // Retired: config key removed from official schema as of 2026-04-05
+      return null;
+    },
     impact: 'medium',
     rating: 4,
     category: 'config',
-    fix: 'Set `full_auto_error_mode` explicitly so Codex failure behavior is predictable during automated flows.',
+    fix: '`full_auto_error_mode` was removed from the official Codex config schema as of 2026-04-05. This check is retired and no repo change is required.',
+    template: null,
+    file: () => null,
+    line: () => null,
+  },
+  codexWebSearchModeCompatible: {
+    id: 'CX-B10',
+    name: 'web_search mode is explicit and compatible when search is part of the workflow',
+    check: (ctx) => {
+      if (!webSearchModeRelevant(ctx)) return null;
+      return !webSearchModeIssue(ctx);
+    },
+    impact: 'medium',
+    rating: 4,
+    category: 'config',
+    fix: 'When the repo uses search-aware Codex flows, set `web_search = "cached" | "live" | "disabled"` intentionally and avoid pairing search with `model_reasoning_effort = "minimal"` in the same effective profile.',
     template: 'codex-config',
-    file: () => '.codex/config.toml',
-    line: (ctx) => configKeyLine(ctx, 'full_auto_error_mode'),
+    file: (ctx) => {
+      const issue = webSearchModeIssue(ctx);
+      return issue ? issue.filePath : '.codex/config.toml';
+    },
+    line: (ctx) => {
+      const issue = webSearchModeIssue(ctx);
+      return issue ? issue.line : configKeyLine(ctx, 'web_search');
+    },
+  },
+  codexRequirementsTomlRecognized: {
+    id: 'CX-B11',
+    name: 'requirements.toml posture is recognized when a managed layer exists',
+    check: (ctx) => {
+      if (!ctx.fileContent('requirements.toml')) return null;
+      return !requirementsTomlIssue(ctx);
+    },
+    impact: 'medium',
+    rating: 3,
+    category: 'config',
+    fix: 'If the repo uses `requirements.toml`, keep it non-empty and acknowledge that it is a managed/admin layer rather than an ordinary project preference file.',
+    template: null,
+    file: (ctx) => {
+      const issue = requirementsTomlIssue(ctx);
+      return issue ? issue.filePath : 'requirements.toml';
+    },
+    line: (ctx) => {
+      const issue = requirementsTomlIssue(ctx);
+      return issue ? issue.line : 1;
+    },
+  },
+  codexCliAuthCredentialsStoreExplicit: {
+    id: 'CX-B12',
+    name: 'cli_auth_credentials_store is explicit on shared or managed setups',
+    check: (ctx) => {
+      const issue = authCredentialsStoreIssue(ctx);
+      return issue ? false : (sharedOrManagedMachineSignals(ctx) ? true : null);
+    },
+    impact: 'high',
+    rating: 4,
+    category: 'config',
+    fix: 'On shared or managed machines, set `cli_auth_credentials_store = "auto" | "keyring" | "file"` explicitly so Codex auth-cache handling is reviewable.',
+    template: 'codex-config',
+    file: (ctx) => {
+      const issue = authCredentialsStoreIssue(ctx);
+      return issue ? issue.filePath : '.codex/config.toml';
+    },
+    line: (ctx) => {
+      const issue = authCredentialsStoreIssue(ctx);
+      return issue ? issue.line : configKeyLine(ctx, 'cli_auth_credentials_store');
+    },
   },
   codexApprovalPolicyExplicit: {
     id: 'CX-C02',
@@ -1364,32 +1772,32 @@ const CODEX_TECHNIQUES = {
   codexDisableResponseStorageForRegulatedRepos: {
     id: 'CX-C05',
     name: 'disable_response_storage is explicit for regulated repos',
-    check: (ctx) => {
-      if (!repoLooksRegulated(ctx)) return null;
-      return ctx.configValue('disable_response_storage') === true;
+    check: () => {
+      // Retired: config key removed from official schema as of 2026-04-05
+      return null;
     },
     impact: 'medium',
     rating: 4,
     category: 'trust',
-    fix: 'For regulated or compliance-heavy repos, set `disable_response_storage = true` so response retention is not left implicit.',
-    template: 'codex-config',
-    file: () => '.codex/config.toml',
-    line: (ctx) => configKeyLine(ctx, 'disable_response_storage'),
+    fix: '`disable_response_storage` was removed from the official Codex config schema as of 2026-04-05. This check is retired and no repo change is required.',
+    template: null,
+    file: () => null,
+    line: () => null,
   },
   codexHistorySendToServerExplicit: {
     id: 'CX-C06',
     name: 'history.send_to_server is explicit',
-    check: (ctx) => {
-      const value = ctx.configValue('history.send_to_server');
-      return typeof value === 'boolean';
+    check: () => {
+      // Retired: config key removed from official schema as of 2026-04-05
+      return null;
     },
     impact: 'medium',
     rating: 4,
     category: 'trust',
-    fix: 'Set `[history] send_to_server = true|false` explicitly so Codex history sync posture is reviewable.',
-    template: 'codex-config',
-    file: () => '.codex/config.toml',
-    line: (ctx) => configSectionKeyLine(ctx, 'history', 'send_to_server'),
+    fix: '`history.send_to_server` was removed from the official Codex config schema as of 2026-04-05. This check is retired and no repo change is required.',
+    template: null,
+    file: () => null,
+    line: () => null,
   },
   codexGitHubActionUnsafeJustified: {
     id: 'CX-C07',
@@ -1448,6 +1856,48 @@ const CODEX_TECHNIQUES = {
       return content ? findSecretLine(content) : null;
     },
   },
+  codexProtectedPathsRespectedInWorkspaceWriteDocs: {
+    id: 'CX-C10',
+    name: 'Workspace-write docs do not imply protected paths are writable',
+    check: (ctx) => {
+      if (!protectedPathAssumptionRelevant(ctx)) return null;
+      return !protectedPathAssumptionIssue(ctx);
+    },
+    impact: 'high',
+    rating: 4,
+    category: 'trust',
+    fix: 'If repo docs mention `.git`, `.codex`, or `.agents` under workspace-write, describe them as protected/read-only rather than writable runtime surfaces.',
+    template: 'codex-agents-md',
+    file: (ctx) => {
+      const issue = protectedPathAssumptionIssue(ctx);
+      return issue ? issue.filePath : primaryDocsPath(ctx);
+    },
+    line: (ctx) => {
+      const issue = protectedPathAssumptionIssue(ctx);
+      return issue ? issue.line : null;
+    },
+  },
+  codexWindowsSandboxModeExplicit: {
+    id: 'CX-C11',
+    name: 'Native Windows sandbox mode is explicit when Windows config is used',
+    check: (ctx) => {
+      const issue = windowsSandboxModeIssue(ctx);
+      return issue ? false : (nativeWindowsConfigRelevant(ctx) ? true : null);
+    },
+    impact: 'high',
+    rating: 4,
+    category: 'trust',
+    fix: 'If the repo relies on native Windows Codex settings, set `[windows] sandbox = "elevated" | "unelevated"` explicitly so the trust boundary is reviewable.',
+    template: 'codex-config',
+    file: (ctx) => {
+      const issue = windowsSandboxModeIssue(ctx);
+      return issue ? issue.filePath : '.codex/config.toml';
+    },
+    line: (ctx) => {
+      const issue = windowsSandboxModeIssue(ctx);
+      return issue ? issue.line : configSectionKeyLine(ctx, 'windows', 'sandbox');
+    },
+  },
   codexRulesExistForRiskyCommands: {
     id: 'CX-D01',
     name: 'Rules exist for risky or out-of-sandbox command classes',
@@ -1769,6 +2219,48 @@ const CODEX_TECHNIQUES = {
       return issue ? issue.line : null;
     },
   },
+  codexMcpHttpAuthAndCallbacksDocumented: {
+    id: 'CX-F07',
+    name: 'MCP HTTP auth and callback fields are documented when used',
+    check: (ctx) => {
+      if (!mcpHttpAuthAndCallbackRelevant(ctx)) return null;
+      return !mcpHttpAuthAndCallbackIssue(ctx);
+    },
+    impact: 'medium',
+    rating: 4,
+    category: 'mcp',
+    fix: 'If remote MCP uses header-based auth or custom OAuth callback settings, document the header/callback posture in repo docs so setup stays reviewable.',
+    template: null,
+    file: (ctx) => {
+      const issue = mcpHttpAuthAndCallbackIssue(ctx);
+      return issue ? issue.filePath : '.codex/config.toml';
+    },
+    line: (ctx) => {
+      const issue = mcpHttpAuthAndCallbackIssue(ctx);
+      return issue ? issue.line : null;
+    },
+  },
+  codexDesktopProjectMcpCaveatDocumented: {
+    id: 'CX-F08',
+    name: 'Project-scoped MCP docs caveat desktop or IDE behavior when relevant',
+    check: (ctx) => {
+      const issue = desktopProjectMcpCaveatIssue(ctx);
+      return issue ? false : (projectScopedMcpPresent(ctx) && /\bdesktop\b|\bide\b|\bextension\b/i.test(docsBundle(ctx)) ? true : null);
+    },
+    impact: 'medium',
+    rating: 3,
+    category: 'mcp',
+    fix: 'If repo-local MCP config is discussed for desktop or IDE use, note the trusted-project boundary and the possibility that user-global config may still matter on some surfaces.',
+    template: 'codex-agents-md',
+    file: (ctx) => {
+      const issue = desktopProjectMcpCaveatIssue(ctx);
+      return issue ? issue.filePath : primaryDocsPath(ctx);
+    },
+    line: (ctx) => {
+      const issue = desktopProjectMcpCaveatIssue(ctx);
+      return issue ? issue.line : null;
+    },
+  },
   codexSkillsDirPresentWhenUsed: {
     id: 'CX-G01',
     name: '.agents/skills exists when Codex skills are used',
@@ -1941,6 +2433,54 @@ const CODEX_TECHNIQUES = {
       return issue ? issue.line : null;
     },
   },
+  codexJobMaxRuntimeExplicitForBatchAgents: {
+    id: 'CX-H05',
+    name: 'agents.job_max_runtime_seconds is explicit for batch-style subagent flows',
+    check: (ctx) => {
+      if (!batchStyleSubagentFlowPresent(ctx)) return null;
+      const issue = csvBatchAgentIssue(ctx);
+      return !issue;
+    },
+    impact: 'medium',
+    rating: 3,
+    category: 'agents',
+    fix: 'If custom agents use CSV or batch-style fanout fields, set `[agents] job_max_runtime_seconds` explicitly so worker runtime is bounded and reviewable.',
+    template: 'codex-config',
+    file: (ctx) => {
+      const issue = csvBatchAgentIssue(ctx);
+      return issue ? issue.filePath : '.codex/config.toml';
+    },
+    line: (ctx) => {
+      const issue = csvBatchAgentIssue(ctx);
+      return issue ? issue.line : configSectionKeyLine(ctx, 'agents', 'job_max_runtime_seconds');
+    },
+  },
+  codexNicknameCandidatesValid: {
+    id: 'CX-H06',
+    name: 'nickname_candidates are valid and unique when used',
+    check: (ctx) => {
+      const issue = nicknameCandidatesIssue(ctx);
+      const hasNicknameCandidates = (ctx.customAgentFiles ? ctx.customAgentFiles() : []).some((fileName) => {
+        const parsed = ctx.customAgentConfig(fileName);
+        return parsed.ok && parsed.data && parsed.data.nickname_candidates !== undefined;
+      });
+      if (!hasNicknameCandidates) return null;
+      return !issue;
+    },
+    impact: 'medium',
+    rating: 3,
+    category: 'agents',
+    fix: 'When custom agents use `nickname_candidates`, keep them non-empty, ASCII-safe, and unique across the repo so display names stay deterministic.',
+    template: null,
+    file: (ctx) => {
+      const issue = nicknameCandidatesIssue(ctx);
+      return issue ? issue.filePath : '.codex/agents';
+    },
+    line: (ctx) => {
+      const issue = nicknameCandidatesIssue(ctx);
+      return issue ? issue.line : null;
+    },
+  },
   codexExecUsageSafe: {
     id: 'CX-I01',
     name: 'codex exec usage avoids unsafe automation defaults',
@@ -2026,6 +2566,71 @@ const CODEX_TECHNIQUES = {
       return issue ? issue.line : null;
     },
   },
+  codexAutomationAppRunningAcknowledged: {
+    id: 'CX-I05',
+    name: 'App-running prerequisite is acknowledged for Codex app automations',
+    check: (ctx) => {
+      const issue = automationAppRunningIssue(ctx);
+      return issue ? false : (appAutomationRelevant(ctx) ? true : null);
+    },
+    impact: 'medium',
+    rating: 3,
+    category: 'automation',
+    fix: 'If the repo documents Codex app automations, note that the app must be running and the selected project must be available on disk.',
+    template: 'codex-agents-md',
+    file: (ctx) => {
+      const issue = automationAppRunningIssue(ctx);
+      return issue ? issue.filePath : primaryDocsPath(ctx);
+    },
+    line: (ctx) => {
+      const issue = automationAppRunningIssue(ctx);
+      return issue ? issue.line : null;
+    },
+  },
+  codexGitHubActionSinglePromptSource: {
+    id: 'CX-I06',
+    name: 'Codex GitHub Action uses exactly one prompt source',
+    check: (ctx) => {
+      const hasAction = workflowArtifacts(ctx).some((workflow) => /uses:\s*openai\/codex-action@/i.test(workflow.content));
+      if (!hasAction) return null;
+      return !codexActionPromptSourceIssue(ctx);
+    },
+    impact: 'high',
+    rating: 4,
+    category: 'automation',
+    fix: 'For each `openai/codex-action` workflow, choose exactly one prompt input: `prompt` or `prompt-file`.',
+    template: null,
+    file: (ctx) => {
+      const issue = codexActionPromptSourceIssue(ctx);
+      return issue ? issue.filePath : null;
+    },
+    line: (ctx) => {
+      const issue = codexActionPromptSourceIssue(ctx);
+      return issue ? issue.line : null;
+    },
+  },
+  codexGitHubActionTriggerAllowlistsExplicit: {
+    id: 'CX-I07',
+    name: 'Codex GitHub Action uses trigger allowlists on externally triggered workflows',
+    check: (ctx) => {
+      if (!codexActionExternalTriggersPresent(ctx)) return null;
+      const issue = codexActionTriggerAllowlistIssue(ctx);
+      return !issue;
+    },
+    impact: 'high',
+    rating: 4,
+    category: 'automation',
+    fix: 'If a Codex Action workflow is triggered by comments or `pull_request_target`, set `allow-users` or `allow-bots` explicitly to constrain who can invoke it.',
+    template: null,
+    file: (ctx) => {
+      const issue = codexActionTriggerAllowlistIssue(ctx);
+      return issue ? issue.filePath : null;
+    },
+    line: (ctx) => {
+      const issue = codexActionTriggerAllowlistIssue(ctx);
+      return issue ? issue.line : null;
+    },
+  },
   codexReviewWorkflowDocumented: {
     id: 'CX-J01',
     name: 'Review workflow is available and documented',