Windows: flag some invocations that launch browsers/URLs as dangerous (#7111)

Prevent certain Powershell/cmd invocations from reaching the sandbox when they are trying to launch a browser, or run a command with a URL, etc.
2026-04-24 22:54:54 +00:00 · 2025-11-21 13:36:17 -08:00
parent a0434bbdb4
commit 3bdcbc7292
6 changed files with 336 additions and 3 deletions
--- a/codex-rs/core/Cargo.toml
+++ b/codex-rs/core/Cargo.toml
@@ -56,6 +56,9 @@ sha2 = { workspace = true }
 shlex = { workspace = true }
 similar = { workspace = true }
 strum_macros = { workspace = true }
+url = { workspace = true }
+once_cell = { workspace = true }
+regex = { workspace = true }
 tempfile = { workspace = true }
 test-case = "3.3.1"
 test-log = { workspace = true }