mirror of
https://github.com/pchuan98/codex.git
synced 2026-07-01 00:31:56 +08:00
50eee505a3
## Why auto review reviews Codex App tool calls using connector metadata such as the app ID, name, and description. That metadata does not identify the account behind the OAuth connection. For Google Drive, this means auto review cannot distinguish a Drive connection authenticated as `user@email.com` from a personal Drive account. Uploading work data can therefore look like a transfer to a personal destination even though the connector service already knows the authenticated account email. ## What changed - Read `_meta._codex_apps.connected_account_email` while resolving approval metadata for built-in Codex App tools. - Include the connected account email in the structured MCP tool action sent to auto review. - Trim empty values and omit the field when the connector link has no account email. - Update existing auto review request constructors and add coverage for request construction and JSON serialization. ## Security Only metadata from the trusted built-in `codex_apps` MCP server is accepted. Custom MCP servers cannot inject a connected account email into auto review reviews; the new regression test verifies that spoofed metadata is ignored. The email is used only in auto review's private review request. This change does not add it to model-visible tool descriptions, app-server approval events, or auto review assessment/review analytics.
50eee505a3
·
2026-06-23 20:33:44 +00:00
History