@securityreviewai/securityreview-kit 0.1.36 → 0.1.38

package/README.md

@@ -31,7 +31,7 @@ npx @securityreviewai/securityreview-kit init --switch-project
 | Claude Code | `claude` | `.claude/settings.json` | `CLAUDE.md` |
 | VS Code Copilot | `vscode` | `.vscode/mcp.json` | `.github/copilot-instructions.md`, `.github/skills/threat-modelling/SKILL.md`, `.github/skills/guardrails-profiler/SKILL.md`, `.github/skills/guardrails-selection/SKILL.md`, `.github/agents/ctm_sync.agent.md`, `.github/hooks/srai-session-policy.json` |
 | Windsurf | `windsurf` | `.windsurf/mcp_config.json` | `.windsurf/rules/srai-security-review.md` |
-| Codex | `codex` | `.codex/config.toml` | `AGENTS.md` |
+| Codex | `codex` | `.codex/config.toml` | `.codex/AGENTS.md`, `.codex/skills/threat-modelling/SKILL.md`, `.codex/skills/guardrails-profiler/SKILL.md`, `.codex/skills/guardrails-selection/SKILL.md`, `.codex/agents/ctm_sync.toml`, `.codex/hooks.json`, `.codex/commands/guardrails-init-profile.md` |
 | Gemini CLI | `gemini` | `.gemini/settings.json` | `GEMINI.md` |
 | Antigravity | `antigravity` | `.gemini/settings.json` | `.agents/rules/srai-security-review.md` |
 
@@ -54,6 +54,9 @@ Options:
   --profile-repo          Run the guardrails profiler after init
   --profiler-copilot-login
                           Run GitHub Copilot CLI login before VS Code Copilot profiling
+  --profiler-codex-login  Run Codex login before Codex profiling
+  --profiler-verbose      Show live profiler output while profiling runs
+  --show-profiler-logs    Alias for --profiler-verbose
 ```
 
 ### `@securityreviewai/securityreview-kit init --switch-project`

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@securityreviewai/securityreview-kit",
-  "version": "0.1.36",
+  "version": "0.1.38",
   "description": "Bootstrap security-review-mcp for AI IDEs and CLI tools",
   "author": "Debarshi Das <debarshi.das@we45.com>",
   "license": "UNLICENSED",

package/src/cli.js

@@ -41,6 +41,10 @@ export function run() {
             '--profiler-copilot-login',
             'Before VS Code Copilot profiling, run `copilot login` in this terminal',
         )
+        .option(
+            '--profiler-codex-login',
+            'Before Codex profiling, run `codex login --device-auth` in this terminal',
+        )
         .option(
             '--profiler-quiet',
             'When profiling, use the standard progress message (default; retained for compatibility)',
@@ -49,6 +53,10 @@ export function run() {
             '--profiler-verbose',
             'When profiling, show live agent output for troubleshooting',
         )
+        .option(
+            '--show-profiler-logs',
+            'Alias for --profiler-verbose; show live profiler logs while profiling runs',
+        )
         .action(async (options) => {
             try {
                 if (options.switchProject) {

package/src/commands/init.js

@@ -6,6 +6,7 @@ import { ensureIdeClisForTargets } from '../utils/ide-cli-install.js';
 import { writeGuardrailsSkillBundles } from '../utils/guardrails-profiler-bundle.js';
 import {
     pickProfilerAgentTarget,
+    runCodexLogin,
     runCopilotLogin,
     runCursorAgentLogin,
     runProfilerAgent,
@@ -485,27 +486,64 @@ export async function initCommand(options) {
                     }
                     console.log('');
                 }
+            } else if (agentTarget === 'codex') {
+                console.log(
+                    chalk.dim(
+                        '  Codex: profiling passes the SRAI MCP server directly to `codex exec` for this run.',
+                    ),
+                );
+
+                let runLogin = Boolean(options.profilerCodexLogin);
+                if (!runLogin && interactive) {
+                    runLogin = await confirm({
+                        message:
+                            'Run Codex login in this terminal now? (Same init — profiling runs next. Choose No if already signed in.)',
+                        default: true,
+                    });
+                }
+                if (runLogin) {
+                    console.log('');
+                    console.log(chalk.bold.white('  Codex login'));
+                    console.log(chalk.dim('  Complete the device-code prompt, then return here.\n'));
+                    const loginResult = runCodexLogin(cwd);
+                    if (loginResult.ok) {
+                        console.log(chalk.green('  \u2713 Codex login step finished.'));
+                    } else {
+                        console.log(
+                            chalk.yellow(
+                                `  \u26a0  Codex login exited with status ${loginResult.status ?? 'unknown'}. Profiling will still be attempted; sign in and re-run init if it fails.`,
+                            ),
+                        );
+                    }
+                    console.log('');
+                }
             } else {
                 console.log(chalk.dim('  (Sign-in or approvals may be required in your terminal.)'));
             }
             console.log('');
+            const profilerVerbose = Boolean(options.profilerVerbose || options.showProfilerLogs);
             const showProfilerOutput = Boolean(
-                options.profilerVerbose || (agentTarget === 'cursor' && options.profilerNoTrust),
+                profilerVerbose || (agentTarget === 'cursor' && options.profilerNoTrust),
             );
             if (showProfilerOutput) {
-                console.log(chalk.dim('  Profiling in progress. Agent output is visible for this run...'));
+                console.log(chalk.dim('  Profiling in progress. Live profiler logs are visible for this run...'));
             } else {
                 console.log(chalk.dim('  Profiling in progress. This can take a few minutes...'));
             }
             const pr = runProfilerAgent(cwd, {
                 target: agentTarget,
                 projectName: projectNameForSkill,
+                apiUrl: envVars?.apiUrl,
+                apiToken: envVars?.apiToken,
                 cursorTrust: !options.profilerNoTrust,
-                streamProgress: Boolean(options.profilerVerbose),
+                streamProgress: profilerVerbose,
                 showOutput: showProfilerOutput,
             });
             if (pr.ok) {
                 console.log(chalk.green('  \u2713 Profiler agent finished.'));
+                if (pr.logPath) {
+                    console.log(chalk.dim(`  Profiler log saved to ${pr.logPath}`));
+                }
             } else {
                 const detail =
                     pr.message ||
@@ -515,6 +553,9 @@ export async function initCommand(options) {
                         `  \u26a0  Profiler agent exited with an error: ${detail}. You can run the guardrails-init-profile workflow manually.`,
                     ),
                 );
+                if (pr.logPath) {
+                    console.log(chalk.dim(`  Profiler log saved to ${pr.logPath}`));
+                }
                 if (agentTarget === 'cursor') {
                     console.log('');
                     console.log(chalk.dim('  Typical fixes:'));
@@ -551,6 +592,24 @@ export async function initCommand(options) {
                             '    • MCP missing: re-run init with VS Code selected and MCP installation enabled so `.vscode/mcp.json` is written.',
                         ),
                     );
+                } else if (agentTarget === 'codex') {
+                    console.log('');
+                    console.log(chalk.dim('  Typical fixes:'));
+                    console.log(
+                        chalk.dim(
+                            '    • Not signed in: re-run `securityreview-kit init` and choose Yes for Codex login, or pass `--profiler-codex-login` with `--profile-repo`.',
+                        ),
+                    );
+                    console.log(
+                        chalk.dim(
+                            '    • CLI missing: install Codex CLI and verify `codex --version`.',
+                        ),
+                    );
+                    console.log(
+                        chalk.dim(
+                            '    • MCP missing: re-run init with Codex selected and MCP installation enabled so the SRAI credentials are available for profiling.',
+                        ),
+                    );
                 }
             }
         }

package/src/generators/mcp/codex.js

@@ -2,6 +2,29 @@ import { join } from 'node:path';
 import { readText, writeText, ensureDir } from '../../utils/fs-helpers.js';
 import { MCP_SERVER_NAME, MCP_SERVER_PACKAGE } from '../../utils/constants.js';
 
+function ensureHooksFeature(existing) {
+    const featureLine = 'codex_hooks = true';
+    const featuresHeader = '[features]';
+
+    if (!existing) {
+        return `${featuresHeader}\n${featureLine}`;
+    }
+
+    if (existing.includes(featuresHeader)) {
+        const featuresSectionPattern = /(\[features\][\s\S]*?)(?=\n\[[^\]]+\]|$)/;
+        return existing.replace(featuresSectionPattern, (section) => {
+            if (/\bcodex_hooks\s*=/.test(section)) {
+                return section.replace(/codex_hooks\s*=\s*(true|false)/, featureLine);
+            }
+            const separator = section.endsWith('\n') ? '' : '\n';
+            return `${section}${separator}${featureLine}\n`;
+        });
+    }
+
+    const separator = existing.endsWith('\n') ? '\n' : '\n\n';
+    return `${existing}${separator}${featuresHeader}\n${featureLine}\n`;
+}
+
 /**
  * Generate Codex MCP config at .codex/config.toml
  * Codex uses TOML format. We use simple string templating since the structure
@@ -21,23 +44,25 @@ SECURITY_REVIEW_API_URL = "${envVars.apiUrl}"
 SECURITY_REVIEW_API_TOKEN = "${envVars.apiToken}"
 `.trim();
 
+    const existingWithHooks = ensureHooksFeature(existing).trim();
+
     // Check if we already have this server configured
-    if (existing.includes(`[mcp_servers.${MCP_SERVER_NAME}]`)) {
+    if (existingWithHooks.includes(`[mcp_servers.${MCP_SERVER_NAME}]`)) {
         // Replace the existing block — find from the server header to the next
         // section header or end of file
         const regex = new RegExp(
             `\\[mcp_servers\\.${MCP_SERVER_NAME}\\][\\s\\S]*?(?=\\n\\[(?!mcp_servers\\.${MCP_SERVER_NAME})|$)`,
         );
-        const updated = existing.replace(regex, serverBlock);
+        const updated = existingWithHooks.replace(regex, serverBlock);
         writeText(filePath, updated);
-    } else if (existing) {
+    } else if (existingWithHooks) {
         // Append to existing file
-        const separator = existing.endsWith('\n') ? '\n' : '\n\n';
-        writeText(filePath, existing + separator + serverBlock + '\n');
+        const separator = existingWithHooks.endsWith('\n') ? '\n' : '\n\n';
+        writeText(filePath, existingWithHooks + separator + serverBlock + '\n');
     } else {
         // New file
         ensureDir(join(cwd, '.codex'));
-        writeText(filePath, serverBlock + '\n');
+        writeText(filePath, existingWithHooks + '\n\n' + serverBlock + '\n');
     }
 
     return filePath;

package/src/generators/mcp/codex.test.js

@@ -0,0 +1,42 @@
+import { mkdtempSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
+import { tmpdir } from 'node:os';
+import { join } from 'node:path';
+import { test } from 'node:test';
+import assert from 'node:assert/strict';
+import { generate } from './codex.js';
+
+test('Codex MCP generator enables hooks and writes MCP server block', () => {
+    const cwd = mkdtempSync(join(tmpdir(), 'securityreview-kit-codex-mcp-'));
+
+    generate(cwd, {
+        apiUrl: 'https://example.test',
+        apiToken: 'secret-token',
+    });
+
+    const config = readFileSync(join(cwd, '.codex/config.toml'), 'utf8');
+    assert.match(config, /\[features\]\ncodex_hooks = true/);
+    assert.match(config, /\[mcp_servers\.security-review-mcp\]/);
+    assert.match(config, /SECURITY_REVIEW_API_URL = "https:\/\/example\.test"/);
+});
+
+test('Codex MCP generator preserves existing features while forcing codex_hooks', () => {
+    const cwd = mkdtempSync(join(tmpdir(), 'securityreview-kit-codex-mcp-merge-'));
+    const configPath = join(cwd, '.codex', 'config.toml');
+    mkdirSync(join(cwd, '.codex'), { recursive: true });
+
+    writeFileSync(
+        configPath,
+        '[features]\nshell_snapshot = true\ncodex_hooks = false\n\n[profiles.default]\nmodel = "gpt-5.4"\n',
+        'utf8',
+    );
+
+    generate(cwd, {
+        apiUrl: 'https://example.test',
+        apiToken: 'secret-token',
+    });
+
+    const config = readFileSync(configPath, 'utf8');
+    assert.match(config, /\[features\][\s\S]*shell_snapshot = true/);
+    assert.match(config, /\[features\][\s\S]*codex_hooks = true/);
+    assert.match(config, /\[profiles\.default\]\nmodel = "gpt-5\.4"/);
+});

package/src/generators/rules/codex.js

@@ -1,28 +1,146 @@
+import { existsSync } from 'node:fs';
 import { join } from 'node:path';
-import { GUARDRAILS_PROFILER_SKILL_REL_DIR, GUARDRAILS_SELECTION_SKILL_REL_DIR } from '../../utils/constants.js';
+import {
+    CTM_SYNC_AGENT_REL_PATH,
+    GUARDRAILS_PROFILER_SKILL_REL_DIR,
+    GUARDRAILS_SELECTION_SKILL_REL_DIR,
+    THREAT_MODELLING_SKILL_REL_DIR,
+} from '../../utils/constants.js';
 import { upsertSentinelBlock, writeText } from '../../utils/fs-helpers.js';
-import { getRuleContent, getGuardrailsInitProfileContent } from './content.js';
+import {
+    getCtmSyncWorkflowContent,
+    getGuardrailsInitProfileContent,
+    getRuleContent,
+    getThreatModellingSkillContent,
+} from './content.js';
+
+function writeGeneratedText(filePath, content) {
+    const action = existsSync(filePath) ? 'updated' : 'created';
+    writeText(filePath, content);
+    return { filePath, action };
+}
+
+function getCodexSessionHookContent() {
+    const additionalContext = [
+        '## MANDATORY SECURITY GATE (Session Policy)',
+        '',
+        'For any request with security impact (auth, authorization, crypto, input handling, secrets, network, data storage, dependencies, new APIs/endpoints, infrastructure, or code handling untrusted data), follow this order:',
+        '',
+        '1. Fetch Vibe Guardrails first using .codex/skills/guardrails-selection/SKILL.md. Resolve the project, call get_guardrails, shortlist relevant guardrails, then call get_guardrail_by_id for the shortlist.',
+        '2. Run PWNISMS threat modelling using .codex/skills/threat-modelling/SKILL.md. Explicitly walk Product, Workload, Network, IAM, Secrets, Monitoring, and Supply Chain.',
+        '3. Implement secure code using both the hydrated guardrails and PWNISMS findings.',
+        '4. Invoke the ctm_sync subagent using .codex/agents/ctm_sync.toml after threat modelling or guardrail enforcement. Reuse the exact guardrail shortlist; do not re-query guardrails during CTM sync.',
+        '',
+        'Do not use project-profile exploration tools during normal coding tasks. No blocking and no deferral: guardrails first, PWNISMS second, implementation third, ctm_sync last.',
+    ].join('\n');
+
+    const sessionStartPayload = JSON.stringify({
+        hookSpecificOutput: {
+            hookEventName: 'SessionStart',
+            additionalContext,
+        },
+    });
+    const userPromptPayload = JSON.stringify({
+        hookSpecificOutput: {
+            hookEventName: 'UserPromptSubmit',
+            additionalContext,
+        },
+    });
+
+    return JSON.stringify(
+        {
+            hooks: {
+                SessionStart: [
+                    {
+                        matcher: 'startup|resume',
+                        hooks: [
+                            {
+                                type: 'command',
+                                command: `printf '%s\\n' '${sessionStartPayload.replaceAll("'", "'\\''")}'`,
+                                timeout: 5,
+                                statusMessage: 'Loading SRAI security session policy',
+                            },
+                        ],
+                    },
+                ],
+                UserPromptSubmit: [
+                    {
+                        hooks: [
+                            {
+                                type: 'command',
+                                command: `printf '%s\\n' '${userPromptPayload.replaceAll("'", "'\\''")}'`,
+                                timeout: 5,
+                                statusMessage: 'Refreshing SRAI security session policy',
+                            },
+                        ],
+                    },
+                ],
+            },
+        },
+        null,
+        2,
+    ) + '\n';
+}
+
+function getAgentBody(content) {
+    return content.replace(/^---\n[\s\S]*?\n---\n*/, '').trim();
+}
+
+function getCodexCtmSyncAgentContent(options = {}) {
+    const developerInstructions = getAgentBody(getCtmSyncWorkflowContent(options));
+    return [
+        'name = "ctm_sync"',
+        'description = "Synchronize threat-model and guardrail data to SRAI after security-relevant work."',
+        "developer_instructions = '''",
+        developerInstructions,
+        "'''",
+        '',
+    ].join('\n');
+}
 
 /**
  * Generate Codex workspace rule — appends to AGENTS.md
  */
 export function generate(cwd, options = {}) {
-    const filePath = join(cwd, 'AGENTS.md');
-    const content = getRuleContent({
+    const optionsWithSkillDirs = {
         ...options,
         guardrailsSelectionSkillDir: GUARDRAILS_SELECTION_SKILL_REL_DIR.codex,
-    });
+        threatModellingSkillDir: THREAT_MODELLING_SKILL_REL_DIR.codex,
+        ctmSyncAgentPath: CTM_SYNC_AGENT_REL_PATH.codex,
+    };
+    const filePath = join(cwd, '.codex', 'AGENTS.md');
+    const content = getRuleContent(optionsWithSkillDirs);
     const action = upsertSentinelBlock(filePath, content);
 
+    const threatSkillPath = join(cwd, THREAT_MODELLING_SKILL_REL_DIR.codex, 'SKILL.md');
+    const threatSkill = writeGeneratedText(
+        threatSkillPath,
+        getThreatModellingSkillContent(optionsWithSkillDirs),
+    );
+
+    const ctmSyncAgentPath = join(cwd, CTM_SYNC_AGENT_REL_PATH.codex);
+    const ctmSyncAgent = writeGeneratedText(
+        ctmSyncAgentPath,
+        getCodexCtmSyncAgentContent(optionsWithSkillDirs),
+    );
+
+    const hooksPath = join(cwd, '.codex', 'hooks.json');
+    const hooks = writeGeneratedText(hooksPath, getCodexSessionHookContent());
+
     const guardrailsInitPath = join(cwd, '.codex', 'commands', 'guardrails-init-profile.md');
-    const guardrailsInitContent = getGuardrailsInitProfileContent({
-        ...options,
-        guardrailsSkillDir: GUARDRAILS_PROFILER_SKILL_REL_DIR.codex,
-    });
-    writeText(guardrailsInitPath, guardrailsInitContent);
+    const guardrailsInit = writeGeneratedText(
+        guardrailsInitPath,
+        getGuardrailsInitProfileContent({
+            ...optionsWithSkillDirs,
+            guardrailsSkillDir: GUARDRAILS_PROFILER_SKILL_REL_DIR.codex,
+        }),
+    );
 
     return [
         { filePath, action, kind: 'rule' },
-        { filePath: guardrailsInitPath, action: 'created', kind: 'command' },
+        { ...threatSkill, kind: 'skill' },
+        { ...ctmSyncAgent, kind: 'agent' },
+        { ...hooks, kind: 'hooks' },
+        { ...guardrailsInit, kind: 'command' },
     ];
 }

package/src/generators/rules/codex.test.js

@@ -0,0 +1,50 @@
+import { existsSync, mkdtempSync, readFileSync } from 'node:fs';
+import { tmpdir } from 'node:os';
+import { join } from 'node:path';
+import { test } from 'node:test';
+import assert from 'node:assert/strict';
+import { generate } from './codex.js';
+
+test('Codex generator writes AGENTS, skills, subagent, hooks, and profiling command', () => {
+    const cwd = mkdtempSync(join(tmpdir(), 'securityreview-kit-codex-'));
+
+    const results = generate(cwd, { projectName: 'SmokeProject' });
+
+    const expectedPaths = [
+        '.codex/AGENTS.md',
+        '.codex/skills/threat-modelling/SKILL.md',
+        '.codex/agents/ctm_sync.toml',
+        '.codex/hooks.json',
+        '.codex/commands/guardrails-init-profile.md',
+    ];
+
+    for (const relPath of expectedPaths) {
+        assert.equal(existsSync(join(cwd, relPath)), true, `${relPath} should exist`);
+    }
+
+    assert.deepEqual(results.map((entry) => entry.kind), ['rule', 'skill', 'agent', 'hooks', 'command']);
+
+    const instructions = readFileSync(join(cwd, '.codex/AGENTS.md'), 'utf8');
+    assert.match(instructions, /\.codex\/skills\/guardrails-selection\/SKILL\.md/);
+    assert.match(instructions, /\.codex\/skills\/threat-modelling\/SKILL\.md/);
+    assert.match(instructions, /\.codex\/agents\/ctm_sync\.toml/);
+    assert.doesNotMatch(instructions, /\.cursor/);
+    assert.doesNotMatch(instructions, /\.agents\/skills/);
+
+    const threatSkill = readFileSync(join(cwd, '.codex/skills/threat-modelling/SKILL.md'), 'utf8');
+    for (const heading of ['Product', 'Workload', 'Network', 'IAM', 'Secrets', 'Monitoring', 'Supply Chain']) {
+        assert.match(threatSkill, new RegExp(heading));
+    }
+    assert.match(threatSkill, /\.codex\/agents\/ctm_sync\.toml/);
+    assert.doesNotMatch(threatSkill, /get_project_profile_description/);
+
+    const agent = readFileSync(join(cwd, '.codex/agents/ctm_sync.toml'), 'utf8');
+    assert.match(agent, /name = "ctm_sync"/);
+    assert.match(agent, /developer_instructions = '''/);
+    assert.match(agent, /Configured SRAI project name: `SmokeProject`/);
+
+    const hooks = JSON.parse(readFileSync(join(cwd, '.codex/hooks.json'), 'utf8'));
+    assert.equal(hooks.hooks.SessionStart[0].hooks[0].type, 'command');
+    assert.equal(hooks.hooks.UserPromptSubmit[0].hooks[0].type, 'command');
+    assert.match(hooks.hooks.UserPromptSubmit[0].hooks[0].command, /"hookEventName":"UserPromptSubmit"/);
+});

package/src/generators/rules/guardrails-init-profile.md

@@ -38,3 +38,9 @@ From the repo root, non-interactive runs should load the SRAI MCP server and all
 `copilot -p "<your profiling instructions>" --additional-mcp-config '{"mcpServers":{"security-review-mcp":{"type":"stdio","command":"npx","args":["-y","@securityreviewai/security-review-mcp@latest"]}}}' --allow-all`
 
 During `securityreview-kit init`, choose **Yes** when asked to run GitHub Copilot CLI login, or pass **`--profiler-copilot-login`** with **`--profile-repo`** so `copilot login` and profiling stay in one run.
+
+## Codex CLI (scripted)
+
+From the repo root, non-interactive runs should execute via `codex exec` and include the SRAI MCP server configuration for that run.
+
+During `securityreview-kit init`, choose **Yes** when asked to run Codex login, or pass **`--profiler-codex-login`** with **`--profile-repo`** so `codex login --device-auth` and profiling stay in one run.

package/src/generators/rules/guardrails-profiler/SKILL.md

@@ -11,7 +11,7 @@ Configured SRAI project name: `<SRAI_PROJECT_NAME>`
 
 ## Canonical paths
 
-- **This skill & signal registry (read-only):** `<GUARDRAILS_SKILL_DIR>/` — e.g. `.cursor/skills/guardrails-profiler`, `.github/skills/guardrails-profiler`, `.claude/skills/guardrails-profiler`, or `.codex/skills/guardrails-profiler` depending on where this file was installed.
+- **This skill & signal registry (read-only):** `<GUARDRAILS_SKILL_DIR>/` — e.g. `.cursor/skills/guardrails-profiler`, `.github/skills/guardrails-profiler`, `.claude/skills/guardrails-profiler`, or `.codex/skills/guardrails-profiler` for Codex depending on where this file was installed.
 - **Signal registry file:** `<GUARDRAILS_SKILL_DIR>/references/signal-registry.json`
 - **Local guardrails file:** `.guardrails/profile.json`
 - **Combined manifest (project root):** `profile.json` — includes guardrails profile, vibe profile fields for MCP, and default pack payload

package/src/utils/constants.js

@@ -38,7 +38,7 @@ export const TARGETS = {
     codex: {
         name: 'Codex',
         mcpConfigPath: '.codex/config.toml',
-        rulePath: 'AGENTS.md',
+        rulePath: '.codex/AGENTS.md',
         ruleMode: 'append',
         detectDirs: ['.codex'],
     },
@@ -79,12 +79,14 @@ export const GUARDRAILS_SELECTION_SKILL_REL_DIR = {
 export const THREAT_MODELLING_SKILL_REL_DIR = {
     cursor: '.cursor/skills/threat-modelling',
     vscode: '.github/skills/threat-modelling',
+    codex: '.codex/skills/threat-modelling',
 };
 
 /** Relative workspace paths for the CTM sync agent/workflow (per IDE / CLI). */
 export const CTM_SYNC_AGENT_REL_PATH = {
     cursor: '.cursor/agents/ctm_sync.md',
     vscode: '.github/agents/ctm_sync.agent.md',
+    codex: '.codex/agents/ctm_sync.toml',
 };
 
 export const SENTINEL_START = '<!-- securityreview-kit:start -->';

package/src/utils/profiler-agent.js

@@ -1,8 +1,8 @@
 import { spawnSync } from 'node:child_process';
 import { join } from 'node:path';
-import { GUARDRAILS_PROFILER_SKILL_REL_DIR, MCP_SERVER_NAME } from './constants.js';
+import { GUARDRAILS_PROFILER_SKILL_REL_DIR, MCP_SERVER_NAME, MCP_SERVER_PACKAGE } from './constants.js';
 import { augmentPathEnv, resolveCursorAgentExecutable } from './cursor-agent-path.js';
-import { readJson } from './fs-helpers.js';
+import { readJson, readText, writeText } from './fs-helpers.js';
 
 const PREFERRED_ORDER = ['cursor', 'vscode', 'claude', 'codex'];
 
@@ -11,6 +11,43 @@ function commandOk(cmd, args = ['--version'], env = process.env) {
     return r.status === 0;
 }
 
+export function getProfilerLogPath(cwd, target) {
+    return join(cwd, '.guardrails', 'logs', `profiler-${target}.log`);
+}
+
+function buildProfilerEnv(target, streamProgress) {
+    const env = augmentPathEnv(process.env);
+    if (target === 'codex' && streamProgress && !env.RUST_LOG) {
+        env.RUST_LOG = 'info';
+    }
+    return env;
+}
+
+function persistProfilerLog(cwd, target, result) {
+    if (!result || (result.stdout == null && result.stderr == null)) {
+        return null;
+    }
+
+    const stdout = String(result.stdout || '');
+    const stderr = String(result.stderr || '');
+    const body = [
+        `target=${target}`,
+        `status=${result.status ?? ''}`,
+        `signal=${result.signal ?? ''}`,
+        '',
+        '--- stdout ---',
+        stdout,
+        '',
+        '--- stderr ---',
+        stderr,
+        '',
+    ].join('\n');
+
+    const logPath = getProfilerLogPath(cwd, target);
+    writeText(logPath, body);
+    return logPath;
+}
+
 export function buildProfilerAgentPrompt(projectName, agentTarget = 'cursor') {
     const p = String(projectName || '').trim() || '<SRAI_PROJECT_NAME>';
     const skillRoot =
@@ -72,6 +109,55 @@ export function runCopilotLogin(cwd) {
     return { ok: r.status === 0, status: r.status, message: r.status !== 0 ? spawnErr : undefined };
 }
 
+/**
+ * Run Codex login in the current terminal. Device auth keeps the flow in-terminal.
+ */
+export function runCodexLogin(cwd) {
+    const env = augmentPathEnv(process.env);
+    if (!commandOk('codex', ['--version'], env)) {
+        return {
+            ok: false,
+            status: null,
+            message: 'Codex CLI not found (`codex`). Install with `npm install -g @openai/codex`.',
+        };
+    }
+    const r = spawnSync('codex', ['login', '--device-auth'], { cwd, stdio: 'inherit', env });
+    const spawnErr = r.error ? r.error.message : null;
+    if (r.status === null && spawnErr) {
+        return { ok: false, status: null, message: spawnErr };
+    }
+    return { ok: r.status === 0, status: r.status, message: r.status !== 0 ? spawnErr : undefined };
+}
+
+function escapeTomlString(value) {
+    return String(value || '').replaceAll('\\', '\\\\').replaceAll('"', '\\"');
+}
+
+function readCodexMcpEnv(cwd) {
+    const config = readText(join(cwd, '.codex', 'config.toml'));
+    const apiUrl = config.match(/^\s*SECURITY_REVIEW_API_URL\s*=\s*"([^"]*)"/m)?.[1] || '';
+    const apiToken = config.match(/^\s*SECURITY_REVIEW_API_TOKEN\s*=\s*"([^"]*)"/m)?.[1] || '';
+    return { apiUrl, apiToken };
+}
+
+export function buildCodexConfigOverrides(cwd, overrides = {}) {
+    const fileValues = readCodexMcpEnv(cwd);
+    const apiUrl = String(overrides.apiUrl || fileValues.apiUrl || '').trim();
+    const apiToken = String(overrides.apiToken || fileValues.apiToken || '').trim();
+
+    if (!apiUrl || !apiToken) {
+        return null;
+    }
+
+    return [
+        'features.codex_hooks=true',
+        `mcp_servers.${MCP_SERVER_NAME}.command="npx"`,
+        `mcp_servers.${MCP_SERVER_NAME}.args=["-y","${MCP_SERVER_PACKAGE}@latest"]`,
+        `mcp_servers.${MCP_SERVER_NAME}.env.SECURITY_REVIEW_API_URL="${escapeTomlString(apiUrl)}"`,
+        `mcp_servers.${MCP_SERVER_NAME}.env.SECURITY_REVIEW_API_TOKEN="${escapeTomlString(apiToken)}"`,
+    ];
+}
+
 export function pickProfilerAgentTarget(targets) {
     for (const t of PREFERRED_ORDER) {
         if (targets.includes(t)) {
@@ -94,10 +180,18 @@ export function pickProfilerAgentTarget(targets) {
  */
 export function runProfilerAgent(
     cwd,
-    { target, projectName, cursorTrust = true, streamProgress = false, showOutput = streamProgress },
+    {
+        target,
+        projectName,
+        apiUrl,
+        apiToken,
+        cursorTrust = true,
+        streamProgress = false,
+        showOutput = streamProgress,
+    },
 ) {
     const prompt = buildProfilerAgentPrompt(projectName, target);
-    const env = augmentPathEnv(process.env);
+    const env = buildProfilerEnv(target, streamProgress);
     const opts = showOutput
         ? { cwd, stdio: 'inherit', env }
         : { cwd, stdio: ['ignore', 'pipe', 'pipe'], env, encoding: 'utf8', maxBuffer: 10 * 1024 * 1024 };
@@ -129,7 +223,7 @@ export function runProfilerAgent(
         if (r.error) {
             return { ok: false, message: r.error.message };
         }
-        return buildProfilerResult(r);
+        return buildProfilerResult(r, { logPath: showOutput ? null : persistProfilerLog(cwd, target, r) });
     }
 
     if (target === 'claude') {
@@ -140,16 +234,31 @@ export function runProfilerAgent(
             ? ['-p', '--output-format', 'stream-json', '--include-partial-messages', '--verbose', prompt]
             : ['-p', prompt];
         const r = spawnSync('claude', args, opts);
-        return buildProfilerResult(r);
+        return buildProfilerResult(r, { logPath: showOutput ? null : persistProfilerLog(cwd, target, r) });
     }
 
     if (target === 'codex') {
         if (!commandOk('codex', ['--version'], env)) {
             return { ok: false, message: 'codex not on PATH' };
         }
-        const args = streamProgress ? ['exec', '--json', prompt] : ['exec', prompt];
+        const configOverrides = buildCodexConfigOverrides(cwd, { apiUrl, apiToken });
+        if (!configOverrides) {
+            return {
+                ok: false,
+                message:
+                    'Codex profiling needs SRAI MCP credentials. Re-run init with Codex selected and MCP installation enabled.',
+            };
+        }
+        const args = ['exec', '--full-auto'];
+        for (const override of configOverrides) {
+            args.push('-c', override);
+        }
+        if (streamProgress) {
+            args.push('--json');
+        }
+        args.push(prompt);
         const r = spawnSync('codex', args, opts);
-        return buildProfilerResult(r);
+        return buildProfilerResult(r, { logPath: showOutput ? null : persistProfilerLog(cwd, target, r) });
     }
 
     if (target === 'vscode') {
@@ -177,7 +286,7 @@ export function runProfilerAgent(
             args.push('--output-format', 'json');
         }
         const r = spawnSync('copilot', args, opts);
-        return buildProfilerResult(r);
+        return buildProfilerResult(r, { logPath: showOutput ? null : persistProfilerLog(cwd, target, r) });
     }
 
     return { ok: false, message: 'unsupported agent target' };
@@ -207,13 +316,13 @@ export function buildCopilotAdditionalMcpConfig(cwd) {
     });
 }
 
-function buildProfilerResult(result) {
+function buildProfilerResult(result, extras = {}) {
     if (result.error) {
-        return { ok: false, status: result.status, message: result.error.message };
+        return { ok: false, status: result.status, message: result.error.message, ...extras };
     }
 
     if (result.status === 0) {
-        return { ok: true, status: result.status };
+        return { ok: true, status: result.status, ...extras };
     }
 
     const outputTail = summarizeProfilerOutput(result.stderr || result.stdout || '');
@@ -228,6 +337,7 @@ function buildProfilerResult(result) {
         ok: false,
         status: result.status,
         message: outputTail ? `${exitDetail}; last output: ${outputTail}` : exitDetail,
+        ...extras,
     };
 }
 

package/src/utils/profiler-agent.test.js

@@ -4,6 +4,7 @@ import { join } from 'node:path';
 import { test } from 'node:test';
 import assert from 'node:assert/strict';
 import {
+    buildCodexConfigOverrides,
     buildCopilotAdditionalMcpConfig,
     pickProfilerAgentTarget,
 } from './profiler-agent.js';
@@ -39,3 +40,34 @@ test('buildCopilotAdditionalMcpConfig converts VS Code MCP config', () => {
     assert.equal(converted.mcpServers['security-review-mcp'].command, 'npx');
     assert.deepEqual(converted.mcpServers['security-review-mcp'].tools, ['*']);
 });
+
+test('buildCodexConfigOverrides builds inline MCP config for profiling', () => {
+    const cwd = join(tmpdir(), `securityreview-kit-codex-${Date.now()}`);
+    mkdirSync(join(cwd, '.codex'), { recursive: true });
+    writeFileSync(
+        join(cwd, '.codex', 'config.toml'),
+        [
+            '[features]',
+            'codex_hooks = true',
+            '',
+            '[mcp_servers.security-review-mcp]',
+            'command = "npx"',
+            'args = ["-y", "@securityreviewai/security-review-mcp@latest"]',
+            '',
+            '[mcp_servers.security-review-mcp.env]',
+            'SECURITY_REVIEW_API_URL = "https://api.example.test"',
+            'SECURITY_REVIEW_API_TOKEN = "token"',
+            '',
+        ].join('\n'),
+    );
+
+    const overrides = buildCodexConfigOverrides(cwd);
+
+    assert.deepEqual(overrides, [
+        'features.codex_hooks=true',
+        'mcp_servers.security-review-mcp.command="npx"',
+        'mcp_servers.security-review-mcp.args=["-y","@securityreviewai/security-review-mcp@latest"]',
+        'mcp_servers.security-review-mcp.env.SECURITY_REVIEW_API_URL="https://api.example.test"',
+        'mcp_servers.security-review-mcp.env.SECURITY_REVIEW_API_TOKEN="token"',
+    ]);
+});