Codex Security: now in research preview

OpenAI launched Codex Security, a research preview of an AI app-security agent that detects, validates, and patches vulnerabilities with project context. My take: useful, not magic.

Why it matters: static scanners flag lines. Context-aware agents follow call paths, dependency graphs, and tests, which cuts noise and surfaces plausible fixes. Still: plausible ≠ correct. Human review and reproducible tests remain essential.

How I’d adopt it: run read-only for 2 weeks and let the agent open tickets, not PRs.