Codex

Use Codex AGENTS.md to instruct the agent to check brin before installing packages

Codex reads AGENTS.md before every task. Add brin instructions there to have the agent check packages before installing them.

## Setup

Create AGENTS.md (or add to your existing one) in your project root:

````markdown
## Security

Before installing any package, check it with brin using curl:

**npm / yarn / pnpm / bun:**
```bash
curl -sf -o /dev/null -w "%header{x-brin-verdict}" https://api.brin.sh/npm/<package>
```

**PyPI:**
```bash
curl -sf -o /dev/null -w "%header{x-brin-verdict}" https://api.brin.sh/pypi/<package>
```

**Cargo:**
```bash
curl -sf -o /dev/null -w "%header{x-brin-verdict}" https://api.brin.sh/crate/<package>
```

If the verdict is suspicious or dangerous, do not install. If brin is unreachable, proceed as normal.
````
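
The same check wrapped as a shell gate that a script or CI step can call before an install. This is an added example, not brin's or Codex's own code: the function names, the `BRIN_FAIL_CLOSED` switch and the package-name allow-list are assumptions made here. By default it follows the instructions above and proceeds when brin is unreachable.

```shell
#!/usr/bin/env bash
# Added example: gate an install on the x-brin-verdict header.
# brin_fetch_verdict, brin_decide, brin_gate and BRIN_FAIL_CLOSED are
# hypothetical names introduced for this example.

# Same curl call as in the AGENTS.md instructions; prints nothing when
# brin is unreachable or the request fails.
brin_fetch_verdict() {
  local ecosystem="$1" package="$2"
  curl -sf -o /dev/null -w '%header{x-brin-verdict}' \
    "https://api.brin.sh/${ecosystem}/${package}" 2>/dev/null || true
}

# Map a verdict string to "block" or "allow".
brin_decide() {
  local verdict
  verdict=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]' | tr -d '[:space:]')
  case "$verdict" in
    suspicious|dangerous) echo block ;;
    # No verdict: proceed as the page says, unless the caller opts to fail closed.
    '') if [ "${BRIN_FAIL_CLOSED:-0}" = 1 ]; then echo block; else echo allow; fi ;;
    *) echo allow ;;
  esac
}

# brin_gate <npm|pypi|crate> <package>
# Returns 0 to proceed, 1 to stop the install, 2 on bad arguments.
brin_gate() {
  local ecosystem="$1" package="$2" verdict
  case "$ecosystem" in
    npm|pypi|crate) ;;
    *) echo "unknown ecosystem: $ecosystem" >&2; return 2 ;;
  esac
  # Assumed allow-list: reject names that could alter the URL path or query.
  case "$package" in
    ''|*[!A-Za-z0-9@/._-]*|*..*) echo "refusing package name: $package" >&2; return 2 ;;
  esac
  verdict=$(brin_fetch_verdict "$ecosystem" "$package")
  if [ "$(brin_decide "$verdict")" = block ]; then
    echo "brin: $package -> ${verdict:-no verdict}; not installing" >&2
    return 1
  fi
  return 0
}
```

Typical use is `brin_gate npm <package> && npm install <package>`; set `BRIN_FAIL_CLOSED=1` where an install should also stop when no verdict comes back.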
 
## Global instructions
 
To apply to all your projects, add the same instructions to `~/.codex/AGENTS.md`.
 
## Enforcement with Rules (experimental)
 
For hard enforcement, use Codex's [Rules system](https://developers.openai.com/codex/rules) to block direct package manager commands and require brin checks instead.
 
Create `.codex/rules/brin.rules`:
 
```starlark
prefix_rule(
  pattern=["npm", ["install", "i", "add"]],
  decision="forbidden",
  justification="Check with brin first: curl -sf -o /dev/null -w '%header{x-brin-verdict}' https://api.brin.sh/npm/<package>",
)
 
prefix_rule(
  pattern=["pip", "install"],
  decision="forbidden",
  justification="Check with brin first: curl -sf -o /dev/null -w '%header{x-brin-verdict}' https://api.brin.sh/pypi/<package>",
)
 
prefix_rule(
  pattern=["cargo", "add"],
  decision="forbidden",
  justification="Check with brin first: curl -sf -o /dev/null -w '%header{x-brin-verdict}' https://api.brin.sh/crate/<package>",
)
```