Krux
May 15, 2026
OpenAI Built a Custom Windows Sandbox for Codex
Published: May 15, 2026 at 12:10 AM
Updated: May 15, 2026 at 12:10 AM
100-word summary
OpenAI couldn't find an existing Windows security tool strong enough for Codex, so they built their own. Standard options like AppContainer proved too restrictive for the unpredictable tasks developers throw at AI coding assistants. The solution requires four separate programs working together, plus admin rights during setup. It locks file writes to your project folder using a synthetic security ID and blocks network calls by faking environment variables like HTTPS_PROXY to point at dummy endpoints. Translation: running AI-generated code safely on Windows is complicated enough that even OpenAI needed three tries to get it right. If your company wants to ship similar tools, plan for months of OS-specific security engineering,...
What happened
OpenAI couldn't find an existing Windows security tool strong enough for Codex, so they built their own. Standard options like AppContainer proved too restrictive for the unpredictable tasks developers throw at AI coding assistants. The solution requires four separate programs working together, plus admin rights during setup. It locks file writes to your project folder using a synthetic security ID and blocks network calls by faking environment variables like HTTPS_PROXY to point at dummy endpoints.
Why it matters
Translation: running AI-generated code safely on Windows is complicated enough that even OpenAI needed three tries to get it right. If your company wants to ship similar tools, plan for months of OS-specific security engineering, not just an API wrapper.