GarrettS

Open AI's Cross-project, cross-session state leak bug (issue #16799) was closed as "model behavior" without investigation. That assessment is incorrect. The evidence below points to session/context assembly, not spontaneous model output.

Proposed fix: Scope approved command prefixes to the current project. Do not persist or inject approved commands from prior sessions in other projects.

I launched Codex in a test project. It ran a script from a completely different project.

The test project was ~/tmp/web-xp-test/ — no connection to any other project on my machine. The installed skill specifies ~/.web-xp/bin/pre-commit-check.sh as the pre-commit check path. But Codex ran bash /Users/garrettsmith/Documents/elite-fuel-labs/.web-xp/bin/pre-commit-check.sh instead — a path from a separate project.

I did not provide this path. So where did it come from?

GarrettS

<!DOCTYPE html>
<html>
<head>
  <meta name="description" content="Walmart Interview Question">
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width">
  <title>Welcome to Walmart</title>
</head>
<body>

GarrettS

<!DOCTYPE html>
<html>
<head>
  <meta name="description" content="Walmart Interview Question">
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width">
  <title>Welcome to Walmart</title>
</head>
<body>

GarrettS

<!DOCTYPE html>
<html>
<head>
<meta name="description" content="JP Morgan Chase Interview Question">
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width">
  <title>JP Morgan Chase Intervew Question</title>
</head>
<body>
  <h1></h1>

GarrettS

<!DOCTYPE html>
<html>
<head>
<meta name="description" content="JP Morgan Chase Intervew Question">
  <meta charset="utf-8">
  <meta name="viewport" content="width=device-width">
  <title>JP Morgan Chase Intervew Question</title>
</head>
<body>

GarrettS

(
    function(v,n) {

        var doc = this.contentDocument || document;

        if(!v) v = doc.querySelector("video");
        if(!v) return;

        var fbButtonsDiv = doc.getElementById("fbPhotoPageButtons");
        var artistworksDiv = doc.getElementById("playlist0");

GarrettS

javascript:var gSpeedControl = (function(v,i,n,t){ n.insertBefore(i, n.firstChild);i.type="range";i.min=.3;setTimeout(function(){i.max=i.value=1;i.oninput();},1); i.step=.05;t=i.nextSibling;i.oninput=function(){t.data=(100*(v.playbackRate=i.value)|0)+"%"};return i})(document.querySelector("video"), document.createElement("input"), document.getElementById("watch-header"))

GarrettS

function matchesSelector(el, selectorText, ctx) {
    var all = (ctx||el.ownerDocument).querySelectorAll(selectorText);
    return indexOf(all, el) != -1; 
    
}

function findAncestor(el, selectorText, container) {
    if(el == null || el === container)
        return null;
    var parent = el.parentNode; 

GarrettS

function Car(make) {
  this.make = make;
}

Car.prototype.drive = function() {
	console.log('driving ' + this.make);
};

GarrettS

var couple = { m : "Garrett", f : "Tomomi" };
var marriage = function() { console.log(this.f + " is married to " + this.m); };
var status = marriage.bind(couple);
status();

"Tomomi is married to Garrett";