alt Hacker NewsThe Codex agent is only given tools to edit the single HTML file that displays on the homepage. The page is on a separate domain, so there's no cookie sharing, and the iFrame is in a sandbox. That said, the biggest risk is social engineering attacks.
What’s to stop someone rewriting the iframe wrapper to hide the real iframe and display a fake one?