[Night Shift] docs: add --prompt-file guidance for shell-safe prompt passing #394
Pgarciapg wants to merge 1 commit into
…passing

Instructs agents to use --prompt-file instead of positional arguments when invoking Codex tasks. This avoids shell escaping issues with quotes, backticks, dollar signs, and other metacharacters in prompts.

- Update SKILL.md with example showing temp file + --prompt-file usage
- Update test to verify new documentation pattern

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 627f1bf99b
| - Always use `--prompt-file` instead of positional arguments for shell-safe prompt passing. | ||
| - Write the prompt to a temp file first, then reference it: | ||
| ```bash | ||
| cat << 'EOF' > /tmp/codex-prompt.txt |
Avoid embedding raw prompts in a fixed heredoc
When the forwarded prompt contains a line that is exactly EOF, this example closes the quoted heredoc early and the remaining prompt text is interpreted by the shell before codex-companion runs. That makes the new “shell-safe” path unsafe for prompts copied from issues, logs, or user input that may include heredoc terminators; use a construction that does not embed raw prompt text directly in shell syntax, or generate a collision-resistant delimiter.
Useful? React with 👍 / 👎.
|
|
||
| Primary helper: | ||
| - `node "${CLAUDE_PLUGIN_ROOT}/scripts/codex-companion.mjs" task "<raw arguments>"` | ||
| - `node "${CLAUDE_PLUGIN_ROOT}/scripts/codex-companion.mjs" task --prompt-file /tmp/codex-prompt.txt [flags]` |
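Review bot: under "Primary helper:" the positional form `task "<raw arguments>"` is shown next to the new `task --prompt-file /tmp/codex-prompt.txt [flags]` form, while the added guidance says to always use `--prompt-file`. If the positional line is not removed by this change, drop it or mark it as unsuitable for prompts containing shell metacharacters, so the skill does not document two conflicting invocations.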
This hard-codes a shared /tmp/codex-prompt.txt path and the example never removes it, so concurrent rescue handoffs on the same machine can overwrite each other between writing and reading the file, and sensitive task text is left behind for later runs or other local users to read. The guidance should use a per-invocation temp file such as mktemp and clean it up after invoking task.
Useful? React with 👍 / 👎.
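One way to follow both review suggestions above, as an added example that is not part of the PR or the reviewed repository: the prompt arrives on stdin, is staged in a per-invocation `mktemp` file, and the file is removed after the call. The function names are hypothetical, and `demo_task` is an assumed stand-in for a command that accepts `--prompt-file`.

```bash
# Added example, not code from the PR. demo_task is a hypothetical stand-in
# for any tool that accepts: --prompt-file <path>.

# Read the prompt from stdin; print the path of a fresh temp file holding it.
stage_prompt() {
  # mktemp makes a unique file with mode 0600: parallel runs cannot overwrite
  # each other and other local users cannot read the task text.
  _pf=$(mktemp "${TMPDIR:-/tmp}/codex-prompt.XXXXXX") || return 1
  # cat copies stdin as data. Nothing is parsed as shell, and there is no
  # heredoc delimiter for a line of the prompt to match.
  cat > "$_pf" || { rm -f -- "$_pf"; return 1; }
  printf '%s\n' "$_pf"
}

# Usage: run_with_prompt_file CMD [ARGS...] < prompt
# Runs CMD ARGS... --prompt-file <tempfile>, then always deletes the file.
run_with_prompt_file() {
  _file=$(stage_prompt) || return 1
  # "&& ... ||" records the status without tripping `set -e` before cleanup.
  "$@" --prompt-file "$_file" < /dev/null && _status=0 || _status=$?
  rm -f -- "$_file"
  return "$_status"
}

# Only for cases where a heredoc is unavoidable: print a delimiter that equals
# no whole line of FILE, so no prompt line can end the heredoc early.
safe_delimiter() {
  _n=0
  _d="PROMPT_EOF_${$}"
  while grep -qxF -- "$_d" "$1"; do
    _n=$((_n + 1))
    _d="PROMPT_EOF_${$}_${_n}"
  done
  printf '%s\n' "$_d"
}

# Stand-in tool (assumption): prints the file named after --prompt-file.
demo_task() { [ "$1" = --prompt-file ] && cat -- "$2"; }
```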
Summary
- `plugins/codex/skills/codex-cli-runtime/SKILL.md` to instruct agents to use `--prompt-file` instead of positional arguments for shell-safe prompt passing
- `--prompt-file` flag

Changes
- `--prompt-file` for shell safety
- `/tmp/codex-prompt.txt`
- `--prompt-file` documentation

Test plan
🤖 Generated with Claude Code