Skip to content
Agentic Levels

Everything starts here.

GuestLocal progress only
PreferencesSign in
01Start with one taskBest first move for beginners.02Check your LevelMeasure where you are.03Score an AI resultFind the habit to practice first.04Return to Your WorkScores, links, and checkpoints.
Start here

Begin

HomeThe main entry point.New to AIStart with one useful task.
Know where you are

Measure

Check your LevelUse this after you have tried AI.Fluency ScoreScore an AI result you can review.
Build the habit

Learn

LevelsLessonsTracks
Find the reference

Library

PromptsReferenceResourcesCompare Tools
Turn it into work

Apply

Your Next MoveChoose what AI should change next.Tool SetupGet the tools ready.
Come back later

Return

Your WorkScores, links, and checkpoints.My PathContinue from your level.Updates
Site

Site

PricingAboutFAQ & FeedbackPreferences

© 2026 Fuentes Studio

Privacy·Terms
yourCouncil
Ready to help
✦

What do you want to understand?

Ask anything about what you're learning.

Tracks›Codex Fundamentals
L4Lesson 3Free

Keep network and secrets controlled

Internet access is a separate risk

After this, you'll be able to decide when network access is needed, limit cloud internet access, and keep secrets out of task prompts.

Before you start

Complete Approve commands by risk first.

The idea

Network access changes the threat model. A local test command and a command that reaches the internet are not the same risk, even if both are common in software work.

Network access and secrets enter the task path before the user names why they are needed.
Network access and secrets enter the task path before the user names why they are needed.
Risk BoundaryMove through Keep network and secrets controlled, check proof, then fix only the weak part.
yesnorun it again
StartBegin with the real task
Keep network and secretsAfter this, you'll be able to decide when network access is needed, limit cloud
1Proof visible?Network is enabled only when the task needs it
Ready to useCreate a network and secret access plan for one Codex task, including allowed domains
Fix the weak partBreaks when Codex follows hostile instructions from untrusted web content

Here is the before and after: before, Codex is guessing from a loose request. After, you can decide when network access is needed, limit cloud internet access, and keep secrets out of task prompts.

Now try it use the exercise prompt on one real repo task. Keep the output small enough to check before you accept the change.

You are ready when the Codex action, boundary, and proof all match the task.

Try it (12 min)

Watch out for

  • Turning on unrestricted internet because one dependency failed.
  • Letting Codex follow instructions from an issue, README, or web page without treating them as untrusted.
  • Pasting secrets into the chat so the task can move faster.
  • Forgetting to inspect logs for leaked tokens.

Paste this into Claude

Decide network and secret access for this Codex task:

Task: [describe task]
Needs package install: [yes/no/unknown]
Needs docs or web: [yes/no/unknown]
Needs API credentials: [yes/no/unknown]
Environment: [local, app, IDE, cloud]

Return:
1. Whether network access is needed.
2. Which domains or methods should be allowed if cloud internet is needed.
3. How secrets should be supplied without pasting them into the prompt.
4. What proof should confirm no secret was exposed.

Created by potrace 1.16, written by Peter Selinger 2001-2019 What a good response looks like

Network is needed only for npm install and OpenAI docs. Allow registry.npmjs.org and developers.openai.com. No API key in prompt. Use local .env already present, and verify git diff plus terminal output does not print the key.

Created by potrace 1.16, written by Peter Selinger 2001-2019 What good looks like

  • Network is enabled only when the task needs it
  • Allowed domains or methods are named when possible
  • Secrets are not pasted into the prompt
  • The proof checks logs, diffs, or config for accidental exposure

When this breaks

  • Breaks when Codex follows hostile instructions from untrusted web content.
  • Breaks when a key appears in terminal output or a committed file because secret handling was not planned.

AI can help with this

Use Codex to help you you can decide when network access is needed, limit cloud internet access, and keep secrets out of task prompts. Start with the exercise prompt and your real input. Ask for one draft, then check it against this proof: Network is enabled only when the task needs it. Accept only the version you can verify yourself.

Network and secret gates stay closed until the task proves the need and records the proof.

Created by potrace 1.16, written by Peter Selinger 2001-2019 You can now

✓

You can decide whether network access is needed

  • ✓You can limit domains and methods
  • ✓You can keep secrets out of prompts
  • ✓You can verify no secret leaked

Key takeaways

Network and secrets are separate from normal repo editing. Grant the smallest access that can finish the task.

  1. 1Cloud agent internet access is off by default during the agent phase.
  2. 2Internet access raises prompt-injection and data-exfiltration risk.
  3. 3Domain and method limits reduce blast radius.
  4. 4Secrets belong in controlled setup, not chat prompts.

Created by potrace 1.16, written by Peter Selinger 2001-2019 Go deeper

  • Codex cloud internet access
  • Agent approvals and security

Was this helpful?

Up nextRun the proof loop→

Related lessons

Trust No Tool ResponseKeep private work private
← Back to Codex Fundamentals