fix: PR feedback

codex-rs/cli/src/debug_sandbox.rs

@@ -1,10 +1,11 @@
 use std::path::PathBuf;
 
 use codex_common::CliConfigOverrides;
+use codex_core::admin_controls::ADMIN_DANGEROUS_SANDBOX_DISABLED_MESSAGE;
+use codex_core::config::AdminAuditContext;
 use codex_core::config::Config;
 use codex_core::config::ConfigOverrides;
-use codex_core::config::audit_admin_run_with_prompt;
-use codex_core::config::prompt_for_admin_danger_reason;
+use codex_core::config::audit_admin_run_without_prompt;
 use codex_core::exec_env::create_env;
 use codex_core::landlock::spawn_command_under_linux_sandbox;
 use codex_core::seatbelt::spawn_command_under_seatbelt;
@@ -77,7 +78,28 @@ async fn run_command_under_sandbox(
             ..Default::default()
         },
     )?;
-    audit_admin_run_with_prompt(&config, prompt_for_admin_danger_reason(&config), false).await?;
+
+    if config
+        .admin_danger_prompt
+        .as_ref()
+        .is_some_and(|prompt| prompt.needs_prompt())
+    {
+        anyhow::bail!(ADMIN_DANGEROUS_SANDBOX_DISABLED_MESSAGE);
+    }
+
+    audit_admin_run_without_prompt(
+        &config.admin_controls,
+        AdminAuditContext {
+            sandbox_policy: &config.sandbox_policy,
+            approval_policy: &config.approval_policy,
+            cwd: &config.cwd,
+            command: None,
+            dangerously_bypass_requested: false,
+            dangerous_mode_justification: None,
+            record_command_event: false,
+        },
+    )
+    .await?;
     let stdio_policy = StdioPolicy::Inherit;
     let env = create_env(&config.shell_environment_policy);