{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreigsrkp6ku4uwpflruixnp2fupv7d44fhlqlcwacuz2kfrbwrdpcoq",
    "uri": "at://did:plc:lk3jfj3zq4k4wxnk474axylu/app.bsky.feed.post/3mmkox3r5gpx2"
  },
  "path": "/t/safer-local-git-autonomy-for-sandboxed-codex-without-broad-git-write-access/1381660#post_1",
  "publishedAt": "2026-05-23T23:40:28.000Z",
  "site": "https://community.openai.com",
  "textContent": "I’ve been working around a local Codex workflow issue: I want to keep Codex in a safer sandbox/approval posture, but local Git operations often need writes under `.git`. That can push you toward manual Git, repeated approvals, or broader permissions than you actually want.\n\nI built a small local MCP server called `codex-safe-git` to explore a middle ground.\n\nThe idea is not to make `.git` broadly writable and not to expose arbitrary shell/Git access. Instead, Codex gets a narrow, auditable Git tool surface for local workflows: status, bounded diff summaries, branch prep, and exact-file commits. Remote operations are intentionally out of scope.\n\nYou can find it on GitHub by searching for `K1-R1 codex-safe-git`.\n\nInstall is via Go:\n\n`go install github.com/K1-R1/codex-safe-git/cmd/codex-safe-git-mcp@v0.4.3`\n\nNot claiming this replaces any upstream permission work, but it may help people who want Codex to stay sandboxed while still being able to handle local Git more autonomously.",
  "title": "Safer local Git autonomy for sandboxed Codex without broad .git write access"
}