Minimal Codex configuration for team work around genetic data.
This repository publishes a small, reviewable config.toml template that keeps
Codex work inside a narrower local sandbox. The intent is to make routine agent
work useful without normalizing broad filesystem access.
The spirit of this template follows the team's AI and Large Language Model (LLM) Usage Policy: AI-assisted work should stay separated from controlled research data, should not expose data, metadata, paths, or infrastructure details to external tools, and should default to caution when the boundary is unclear.

config.toml: shared Codex permission profile template.
.gitignore: guardrails for keeping data, secrets, and local state out of Git.
Review config.toml, then merge the relevant sections into your existing
Codex configuration. Do not replace your whole ~/.codex/config.toml; personal
Codex settings change often, and this repository is meant to provide the shared
permissions profile only.
The main section to copy starts at:

```toml
[permissions.repo-only]
```

and continues through:

```toml
[permissions.repo-only.network]
enabled = true
```

If you want Codex to use this profile by default, also copy or adapt these top-level settings:

```toml
approval_policy = "on-request"
default_permissions = "repo-only"
approvals_reviewer = "user"
```

For a named profile, copy config.toml to a profile file and then edit it
alongside your existing settings:

```sh
mkdir -p ~/.codex
cp config.toml ~/.codex/team.config.toml
```

Start Codex with that profile when you want to use the template:

```sh
codex --profile team
```

Adjust any home-directory paths for that user's machine before relying on this
profile. The template is intentionally conservative about repository contents:
workspace files are writable, common environment files are denied, and data/
under the workspace is denied.
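Because the instructions above ask you to merge sections rather than overwrite your whole config, it helps to see exactly which template settings your existing file lacks and which ones it already sets to a different value. The script below is an added example for this README, not part of the published template or of Codex itself. It parses two TOML documents with the standard library and reports missing and conflicting leaf keys. Both sample documents are constructed stand-ins: the template stand-in only carries the keys this README names, and the `model` line in the "existing" stand-in is a placeholder for a personal setting.

```python
"""Report which shared-template settings an existing Codex config is missing.

Added example for this README (not the repository's template). Only the keys
named in the README appear in the template stand-in below; everything else is
a constructed placeholder.
"""
try:
    import tomllib  # standard library on Python 3.11+
except ImportError:  # older interpreters: the third-party tomli package has the same API
    import tomli as tomllib  # type: ignore

# Constructed stand-in for the repository's config.toml (shape only; the real
# file also carries the deny rules for data/ and environment files).
TEMPLATE_TOML = """
approval_policy = "on-request"
default_permissions = "repo-only"
approvals_reviewer = "user"

[permissions.repo-only]

[permissions.repo-only.network]
enabled = true
"""

# Constructed stand-in for a personal ~/.codex/config.toml that still uses a
# looser approval policy and has no repo-only profile yet.
EXISTING_TOML = """
approval_policy = "never"
model = "example-model"   # placeholder for a personal setting, not in the template

[permissions.broad.network]
enabled = true
"""


def flatten(table, prefix=()):
    """Yield (dotted.path, value) for every leaf in a parsed TOML table."""
    for key, value in table.items():
        path = prefix + (key,)
        if isinstance(value, dict):
            yield from flatten(value, path)
        else:
            yield ".".join(path), value


def compare(template_text, existing_text):
    """Return (missing, conflicting) as sorted lists of dotted key paths.

    missing:     template leaves the existing config does not set at all
    conflicting: leaves set in both files but with different values; these are
                 left for a human to resolve rather than silently overwritten
    """
    template = dict(flatten(tomllib.loads(template_text)))
    existing = dict(flatten(tomllib.loads(existing_text)))
    missing = sorted(k for k in template if k not in existing)
    conflicting = sorted(
        k for k in template if k in existing and existing[k] != template[k]
    )
    return missing, conflicting


def report(template_text, existing_text):
    """Human-readable summary of what the merge still has to add or decide."""
    missing, conflicting = compare(template_text, existing_text)
    lines = ["Template settings missing from your config:"]
    lines += [f"  + {k}" for k in missing] or ["  (none)"]
    lines.append("Settings that differ and need a deliberate choice:")
    lines += [f"  ! {k}" for k in conflicting] or ["  (none)"]
    return "\n".join(lines)


if __name__ == "__main__":
    # To check real files, read config.toml and ~/.codex/config.toml into the
    # two arguments instead of the constructed samples.
    print(report(TEMPLATE_TOML, EXISTING_TOML))
```

Run against the real files, the "missing" list is what to paste from the template; the "conflicting" list flags settings such as `approval_policy` where your personal value and the shared profile disagree and a conscious decision is needed before the profile can be trusted.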
Do not put genetic data, clinical data, credentials, access tokens, or identifiable participant information in this repository. This repo should stay limited to configuration, documentation, and small text examples that are safe to publish.
The template allows network access by default so normal developer tools can work. For regulated or more sensitive workflows, review the network section and consider adding domain rules or disabling network access by default.