regenrek/codex-sandbox
skills/codex-sandbox/SKILL.md
Create and manage per-task isolated git clones (sandboxes) for Codex CLI sessions, with automatic branch creation and safety hooks that block committing/pushing on main/master. Use when running multiple Codex sessions or parallel tasks and you want to avoid git worktree friction, cwd/branch mixups, or environment collisions.
$ install --global
skillsauthnpx skillsauth add regenrek/agent-skills codex-sandboxInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 11, 2026, 11:15 PM42.4s4 files scanned
SKILL.md
- name:
- codex-sandbox
- description:
- Create and manage per-task isolated git clones (sandboxes) for Codex CLI sessions, with automatic branch creation and safety hooks that block committing/pushing on main/master. Use when running multiple Codex sessions or parallel tasks and you want to avoid git worktree friction, cwd/branch mixups, or environment collisions.
Codex Sandboxes
Create one directory per task and run the agent inside that directory. Prefer this over git worktrees when:
- Codex or other agents sometimes use the wrong current working directory.
- You want full isolation for .env, node_modules, build outputs, ports, and dev servers.
- You want a simple mental model: one task equals one folder equals one branch.
This skill bundles a small Python CLI plus a Bash wrapper:
scripts/codex_sandbox.py(primary)scripts/codex-task(convenience)
Locate the skill directory
Run the scripts from the skill folder, depending on where you installed it:
- Repo-scoped:
$REPO_ROOT/.codex/skills/codex-sandboxes - User-scoped:
$CODEX_HOME/skills/codex-sandboxes(macOS/Linux default:~/.codex/skills/codex-sandboxes)
Use git rev-parse --show-toplevel to get $REPO_ROOT.
Quick start (agent-only)
This skill is always invoked by an agent. Do not run it manually.
Example command the agent should run:
SKILL_DIR="$(git rev-parse --show-toplevel)/.codex/skills/codex-sandboxes"
python3 "$SKILL_DIR/scripts/codex_sandbox.py" new fix-123
The command will:
- Detect the repo remote (default:
origin). - Create or update a local bare mirror.
- Clone a sandbox directory under a base directory.
- Create/switch to a task branch from
origin/main. - Set upstream tracking to
origin/<branch>(pushes once if needed). - Install safety hooks that block commit/push on
main/master.
How to instruct the agent
Always request this via the agent. Provide:
- Task name (used for sandbox + branch name).
- Any non-default base directory (e.g.
--base-dir ~/projects). - Any non-default base branch or remote.
If you do not provide extra details, the agent should use defaults. If the task name is ambiguous or missing, the agent should ask back.
Example prompt to the agent:
Use codex-sandbox to create a sandbox for task "fix-123".
Place it under ~/projects, base branch main.
Command: python3 <skill_dir>/scripts/codex_sandbox.py new fix-123 --base-dir ~/projects --base-branch main
Concepts
Use these terms consistently in prompts and logs:
- Workset: Logical grouping for a ticket/feature (optional label only).
- Sandbox: One clone directory used by one writing agent.
- Session: One Codex process running in one sandbox.
Prefer: one writing session per sandbox.
Create a sandbox
python3 <skill_dir>/scripts/codex_sandbox.py new <task> [options]
Common patterns:
# Create sandbox + branch and print its path
python3 <skill_dir>/scripts/codex_sandbox.py new feat-auth
# Use a different base branch
python3 <skill_dir>/scripts/codex_sandbox.py new fix-123 --base-branch develop
# Copy .env.example to .env on creation
python3 <skill_dir>/scripts/codex_sandbox.py new feat-auth --env-copy
Key options:
--base-dir DIR: Where to place sandboxes (default:~/wip).--bare-dir DIR: Where to keep the bare mirror (default:~/.cache/codex-sandboxes/<repo>.git).--remote NAME: Which remote to use (default:origin).--remote-url URL: Override remote URL discovery.--base-branch NAME: Base branch to branch from (default:main).--branch NAME: Explicit branch name (default: derived from<task>).--env-copy: Copy.env.exampleto.envif present and.envmissing.
List, inspect, remove
python3 <skill_dir>/scripts/codex_sandbox.py list
python3 <skill_dir>/scripts/codex_sandbox.py path <task>
python3 <skill_dir>/scripts/codex_sandbox.py status <task>
python3 <skill_dir>/scripts/codex_sandbox.py rm <task>
Safety rules
Follow these rules in every run:
- Never run a write-capable agent in the primary checkout.
- Always create a sandbox for a write task.
- Keep one writer per sandbox.
- Keep
main/masterprotected on the remote (PR-only merges).
If the sandbox is currently on main/master, the tool will refuse to proceed unless you pass --allow-main.
Multiple sessions
If you want multiple sessions for one workset, create multiple sandboxes:
python3 <skill_dir>/scripts/codex_sandbox.py new feat-auth-ui-1
python3 <skill_dir>/scripts/codex_sandbox.py new feat-auth-ui-2
python3 <skill_dir>/scripts/codex_sandbox.py new feat-auth-core-1
Avoid running two writing sessions in the same sandbox.
Troubleshooting
- Remote URL detection failed: pass
--remote-url. - Sandbox already exists: choose a unique
<task>name or remove withrm. - You want deterministic naming: read
references/naming.md.
Related Skills
regenrek/electron-live-test
tools
VerifiedTrustedCommunity
Live-test any Electron desktop app with native-devtools-mcp, Chrome DevTools Protocol, screenshots, OCR, and accessibility tools. Use when the user asks for Electron UI verification, MCP-driven app control, renderer CDP interaction, native desktop automation, screenshots, or OCR-driven checks.
124SKILL.mdUpdated May 28, 2026
regenrek/search-context
testing
VerifiedTrustedCommunity
Find, clone, inspect, and summarize high-quality GitHub reference repositories for coding agents. Use when a user asks for GitHub reference projects, examples, prior art, inspiration, implementation patterns, or includes "$search-context" in a coding prompt.
124SKILL.mdUpdated May 17, 2026
regenrek/secleak-check
testing
VerifiedTrustedCommunity
Run or install repo security leak checks with BetterLeaks and Trivy. Use when asked to scan for leaked secrets, vulnerable dependencies, misconfigurations, add secret-leak guardrails, add BetterLeaks, add forbidden-path hooks, or run secleak-check before release.
114SKILL.mdUpdated May 17, 2026
regenrek/package-security-check
development
VerifiedTrustedCommunity
Run a reusable JavaScript supply-chain security baseline with pnpm-first hardening, release-age gating, lifecycle-script controls, exotic dependency checks, CI install checks, and optional incident IOC profiles.
114SKILL.mdUpdated May 13, 2026