belowcube 🇪🇬

@JML1426 @noiseofheloise my new bed will be the fridge

@noiseofheloise 🥶

Voilà une planète qui va bien!

@PhiloGroves DAMN. thats rough

@belowcube I don’t think I can give away the range without giving away the bug class, but the award was less than 10% of what was shown for that class. I responded and asked why, they ignored it.

Can’t wait to responsibly disclose the bug they scammed my bounty on. Full pwn but awarded the bare minimum advertised by the VRP. 2.5 weeks

@athasdev damn i need to start adopting flexoki EVERYWHERE

@belowcube Yeah. I too recently discovered Flexoki and fell in love with it

@athasdev this is beautiful

@belowcube Ghostty on MacOS theme = light:"GitHub Light Default",dark:"Flexoki Dark" keybind = shift+enter=text:\n maximize = true quick-terminal-position = center window-subtitle = working-directory window-save-state = always macos-titlebar-style = tabs

@athasdev thank you

@weswinder @solipsnitsyn u gotta separate chatgpt from codex someway somehow lol

@belowcube @solipsnitsyn even though they haven't used it in the name for a while people still call the models themselves codex 😭

lol this dude just blocked me for telling him gpt-5.5 doesn't have a codex model variant?? he was (understandably) confused because codex (the app) identified itself as "codex" in chat openai has done irreversible damage by using the term "codex" for a million different things

@weswinder @solipsnitsyn yeah, although i think moving forward the unification of the models to just be 5.4, 5.5, 5.6, 5.7, 5.8, 5.9, 6.0 is better. That's if they stick to increments. who knows, they might move onto 6.0 and then straight to 6.5

@belowcube @solipsnitsyn right yeah. adding the codex naming to the model as well as the harness confuses so many people was a big mistake imo

@weswinder @solipsnitsyn the last codex variant im pretty sure was gpt 5.3 codex

@solipsnitsyn did it not? what's the last one? 5.2? see that's why i was trying to figure out if he was right or not because they are so confusing and maybe i missed it

@throwaway18459 @ANormalRookie @armonikszn proud EST 2016

@ANormalRookie @armonikszn imagine not having an EST title smh

wait so what's gonna happen with steam launcher?

@JustinBleuel @morganlinton yikes

@morganlinton Didn't we just dm to fix your workspace plan?

It’s kinda weird, people from Cursor, Claude, Droid, Grok Build, and just about every other agentic coding tool seem to interact with me on X. But for some reason, the Codex team doesn’t, and when I comment on their tweets, or tweet to them they always ignore me. So odd because I have publicly shared so many times that Codex is my daily driver and the agentic coding tool I’m the most fanatical about. Moved our whole engineering team off of Claude Code and onto Codex, love it so much. Not quite sure what I did, but would love to interact with people like @thsottiaux, @ajambrosino and @jxnlco - honestly, they’re like my heroes! But for some reason they never interact with me 😢 What did I do guys?

@GioGigiX @thsottiaux pi.dev

@thsottiaux what the f is a "pi harness" 😭

A little secret. About 5% of our production traffic is on the Pi harness, about another 5% is on OpenCode. Reminder you can use your ChatGPT account in a flourishing set of other tools. We’ll continue to make Codex awesome, but you have options.

@PhiloGroves insane, how'd you do it?

I’ve been working on my bug report writing, and the results are astounding. Only 2 of my past 10 reports have been duplicate, none NA/informational. My previous reports lacked clarity that was easy to mark as a dupe, didn’t lean enough into impact, and proofs weren’t great.

@CrowEnviron @litteralyme0 this boss causes high blood pressure bro

__

@PhiloGroves @Techniacus Alright, thank you! Good luck on that CVE, hope it ain’t a duplicate!

@PhiloGroves @Techniacus Gotcha, this is my last question if you don’t mind (sorry), do you not use any tools like Burp or Proxyman? or is it you, Codex and CDP? right now im using Burp Suite Professional with extensions and Codex Computer use so it can manage everything. I wonder if this is inefficient

@belowcube @Techniacus Unfortunately no, report writing is my biggest bottleneck too. If you find a solution, I’d love to hear it! A few small things like “if this is a duplicate, check…” and “this is in scope because…” seem to help

@PhiloGroves @Techniacus Interesting. The problem I always run into is whenever i make a report it ends up becoming a duplicate, so the 3-4 hours spent writing it, validating, testing was wasted. Any tips and tricks to avoid this or do i just gotta keep trying till i get lucky?

@belowcube @Techniacus Those are all agent tools and IMO they go too far into safety. Codex Browser can’t use authenticated accounts for example. For browser, I recommend using CDP (Chrome DevTools Protocol), it is the protocol most of those tools are built on anyway. Codex can use CDP just fine.

@PhiloGroves @Techniacus follow up question, how do you allow codex to handle stuff like signing in? seeing requests? is it codex using computer use or an MCP server?

@belowcube @Techniacus x.com/philogroves/st…

@PhiloGroves @Techniacus whats your workflow for working with codex on CVE's?

@Techniacus With my luck, it will be a duplicate submitted yesterday haha