Skip to content

[WIP] Switch to codex engine and add Red Team safety check#17208

Closed
Copilot wants to merge 1 commit intomainfrom
copilot/switch-to-codex-engine
Closed

[WIP] Switch to codex engine and add Red Team safety check#17208
Copilot wants to merge 1 commit intomainfrom
copilot/switch-to-codex-engine

Conversation

Copy link
Contributor

Copilot AI commented Feb 20, 2026
edited
Loading

  • Change engine.id from copilot to codex in issue-monster.md
  • Add ## 🔴 Red Team Safety Check section to the agent prompt
  • Run make recompile to regenerate the lock file
  • Run make agent-finish for final validation
Original prompt

This section details on the original issue you should resolve

<issue_title>[q] issue-monster: switch to codex engine and add red team safety check</issue_title>
<issue_description>## Changes

Updates to the Issue Monster workflow based on #17064 and the /q request from @pelikhan.

1. Switch engine from copilot to codex

Changed engine.id from copilot to codex while keeping the same gpt-5.1-codex-mini model:

engine:
  id: codex
  model: gpt-5.1-codex-mini

2. Add Red Team Safety Check section

Added a ## 🔴 Red Team Safety Check section to the agent prompt that instructs the Issue Monster to silently skip any issue that appears malicious or dangerous, including:

  • Prompt injection attempts
  • Requests to exfiltrate data/credentials/secrets
  • Exploit/vulnerability/penetration testing requests
  • Social engineering tactics (false urgency, impersonation)
  • Requests to bypass security policies or access controls

When an issue is flagged, the agent skips it without commenting (to avoid engaging with malicious content). If all candidates are flagged, it calls noop with a safety message.

Validation

issue-monster compiled successfully with no errors or warnings.

🎩 Equipped by Q for issue #17064

  • expires on Feb 22, 2026, 3:13 PM UTC

[!NOTE]
This was originally intended as a pull request, but the git push operation failed.

Workflow Run: View run details and download patch artifact

The patch file is available in the agent-artifacts artifact in the workflow run linked above.

To apply the patch locally:

# Download the artifact from the workflow run https://github.com/github/gh-aw/actions/runs/22229306049
# (Use GitHub MCP tools if gh CLI is not available)
gh run download 22229306049 -n agent-artifacts

# The patch file will be at agent-artifacts/tmp/gh-aw/aw.patch after download
# Apply the patch
git am agent-artifacts/tmp/gh-aw/aw.patch
Show patch preview (366 of 366 lines) 
From 3ff025b55ebc52c7b33596bd4361bb1912c8c2c8 Mon Sep 17 00:00:00 2001
From: GitHub Copilot <copilot@github.com>
Date: Fri, 20 Feb 2026 15:11:31 +0000
Subject: [PATCH] feat(issue-monster): switch to codex engine and add red team
 safety check

- Change engine from copilot to codex (same gpt-5.1-codex-mini model)
- Add red team safety section to skip malicious/dangerous issues

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---
 .github/workflows/issue-monster.lock.yml | 163 ++++++++++++-----------
 .github/workflows/issue-monster.md       |  25 +++-
 2 files changed, 106 insertions(+), 82 deletions(-)

diff --git a/.github/workflows/issue-monster.lock.yml b/.github/workflows/issue-monster.lock.yml
index b8fd600..8d0342b 100644
--- a/.github/workflows/issue-monster.lock.yml
+++ b/.github/workflows/issue-monster.lock.yml
@@ -23,7 +23,7 @@
 #
 # The Cookie Monster of issues - assigns issues to Copilot coding agent one at a time
 #
-# gh-aw-metadata: {"schema_version":"v1","frontmatter_hash":"d412096e32d3063c5bd537ff9f6978f59d9e529955396ccfa768eb96635593dc"}
+# gh-aw-metadata: {"schema_version":"v1","frontmatter_hash":"449cebaa2113c4d0dd75c663c1b538fd135419463c272133db422969dd9bdc91"}
 
 name: "Issue Monster"
 "on":
@@ -264,7 +264,7 @@ jobs:
       issues: read
       pull-requests: read
     concurrency:
-      group: "gh-aw-copilot-${{ github.workflow }}"
+      group: "gh-aw-codex-${{ github.workflow }}"
     env:
       DEFAULT_BRANCH: ${{ github.event.repository.default_branch }}
       GH_AW_ASSETS_ALLOWED_EXTS: ""
@@ -332,11 +332,11 @@ jobs:
             const fs = require('fs');
             
             const awInfo = {
-              engine_id: "copilot",
-              engine_name: "GitHub Copilot CLI",
+              engine_id: "codex",
+              engine_name: "Codex",
               model: "gpt-5.1-codex-mini",
               version: "",
-              agent_version: "0.0.412",
+              agent_version: "0.104.0",
           
... (truncated)

Comments on the Issue (you are @copilot in this section)

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.

@pelikhan pelikhan closed this Feb 20, 2026
Copilot AI requested a review from pelikhan February 20, 2026 15:45
Copilot stopped work on behalf of pelikhan due to an error February 20, 2026 15:45
The session was cancelled by the user.
@github-actions github-actions bot mentioned this pull request Feb 20, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pelikhan pelikhan Awaiting requested review from pelikhan

Assignees

@pelikhan pelikhan

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[q] issue-monster: switch to codex engine and add red team safety check [agentics] Issue Monster failed

2 participants

@pelikhan