#A potential bypass for token usage within Codex cloud, utilizing custom agent initialization.

I have already reported this to Claude Code, though I haven't verified this specific issue regarding Codex Cloud Code. However, the agent initialization system is indeed functional in Codex Cloud Code as well.

This likely involves utilizing session initialization within the Claude code cloud environment, resulting in the initialization of agents that are not subject to the account's usage limits.

At the very least, let's verify this. For security reasons, I do not wish to publicly disclose the details regarding the initialization of agents within Cloud. However, I am willing to grant access to a private repository so that you can see for yourself exactly how the agent initialization process is carried out.

I believe this may have security implications involving cloud execution, agent/session initialization, and potential unintended billing/isolation behavior.
I have a reproducible setup and supporting evidence, but I do not want to disclose technical details publicly.
Please provide a private security contact or preferred responsible disclosure channel, and I will share the reproduction materials there.

Codex Cloud