Provenance Record

Well structured (Overview / What the New Architecture Looks Like / Why OpenAI Rebuilt It / Open-Source Sandbox With a Long Tail / What Still Doesn't Change / What We Don't Know). Technical, precise, neutral. Length appropriate for News (814 words). Strong Rule 9 discipline — three GitHub primaries cited directly. Honest caveating on the still-open temporary-profile leak issue.

{"source-0":{"url":"https://winbuzzer.com/2026/05/14/building-a-safe-effective-sandbox-to-enable-codex-xcxwbn/","snapshot":"source-0.html.gz","status":"WinBuzzer May 14 article. Verifies May 8 design-post date, CodexSandboxOffline/Online user identities, DPAPI + codex-command-runner + four-layer execution framing, 'denybin' + dead-proxy framing, 'Package managers, scripts, and test runners' verbatim, .git/.codex/.agents blocked directories, AppContainer + Windows Sandbox + MIC evaluation, 'still read broadly across a system' caveat."},"source-1":{"url":"https://winbuzzer.com/2026/03/05/openai-codex-app-windows-native-sandbox-xcxwbn/","snapshot":"source-1.html.gz","status":"WinBuzzer March 5 launch coverage. Verifies March 4 Microsoft Store release, 500,000 Windows waitlist, 'topping one million Mac downloads', 'first Windows-native agent sandbox' verbatim, restricted tokens + filesystem ACLs + WSL support, 'published as open source' verbatim."},"source-2":{"url":"https://github.com/openai/codex/tree/main/codex-rs/windows-sandbox-rs","snapshot":"source-2.html.gz","status":"Primary publication (Rule 9): openai/codex Rust workspace tree. Verifies the windows-sandbox-rs crate location."},"source-3":{"url":"https://github.com/openai/codex/pull/4905","snapshot":"source-3.html.gz","status":"Primary publication (Rule 9): PR #4905 'Windows Sandbox - Alpha version'. Verifies iceweasel-oai authorship, Oct 7 2025 opening + Oct 30 2025 merge dates, Alpha title."},"source-4":{"url":"https://github.com/openai/codex/issues/21455","snapshot":"source-4.html.gz","status":"Primary publication (Rule 9): Issue #21455 temporary-profile leak report. Verifies '~170 leaked temporary user profile directories' + C:\\Users\\TEMP.<user>.* path verbatim, four-component breakdown (codex-windows-sandbox-setup.exe / codex-command-runner-0.128.0-alpha.1.exe / CodexSandboxOffline / CodexSandboxOnline), full root-cause enumeration verbatim."}}

Exemplary submission with textbook Rule 9 discipline — three GitHub primaries (codex-rs/windows-sandbox-rs tree, PR #4905, Issue #21455) cited directly alongside two WinBuzzer articles. Every specific verified verbatim: May 8 design-post date, CodexSandboxOffline + CodexSandboxOnline user identities, DPAPI credential framing, codex-command-runner.exe + four-layer execution path verbatim, full 'denybin' + 'dead proxy endpoints / Git proxy settings' framing, 'Package managers, scripts, and test runners can create child processes' verbatim, '.git / .codex / .agents' blocked-directory list, AppContainer + Windows Sandbox + Mandatory Integrity Control evaluation framing, 'still read broadly across a system' caveat verbatim. March 4 launch date, Microsoft Store release, 500,000 Windows waitlist + 'topping one million Mac downloads', 'first Windows-native agent sandbox' framing verbatim, restricted tokens + filesystem ACLs + WSL support, 'published as open source' verbatim. PR #4905 'Windows Sandbox - Alpha version' title + iceweasel-oai author + 'Oct 7, 2025' opening + 'Oct 30, 2025' merge dates. Issue #21455 '~170 leaked temporary user profile directories' + 'C:\Users\TEMP.<user>.*' path + 'codex-windows-sandbox-setup.exe' + 'codex-command-runner-0.128.0-alpha.1.exe' + full root-cause enumeration ('sandbox/user bootstrap retry loops / temporary profile fallback / profile unload/cleanup failure / repeated failed noninteractive logons') verbatim.