Skip to content

Codex RPC probe can open ChatGPT browser login on app startup/settings open #216

Description

@aleksandr-kotlyar

ClaudeBar can trigger Codex RPC probing without explicit user action, for example on app startup, background refresh, or when opening Settings while Codex is configured in RPC mode.

Since Codex RPC mode uses the local Codex CLI / codex app-server, this is not a passive status check. If the local Codex CLI session is not authenticated or requires re-authentication, the probe may start the ChatGPT browser login flow automatically.

This creates a surprising UX: simply opening ClaudeBar can launch a browser login flow even though the user did not click Connect, Refresh, or otherwise ask ClaudeBar to start Codex.

Observed behavior

  1. Open ClaudeBar.
  2. ClaudeBar starts refreshing/probing enabled providers.
  3. Codex is configured in RPC mode.
  4. ClaudeBar starts Codex RPC probing.
  5. Codex CLI may open the ChatGPT browser login flow.
  6. Opening Settings shows Codex on the RPC tab/mode, even though the user did not explicitly start a connection attempt.

Expected behavior

Opening ClaudeBar should not launch the ChatGPT browser login flow.

Opening Settings should not launch the ChatGPT browser login flow.

Viewing or selecting Codex RPC mode should not start codex app-server automatically.

ClaudeBar should only run Codex RPC probing after explicit user intent, such as:

  • clicking a Connect button;
  • clicking Refresh / Test connection;
  • background refresh after Codex was already explicitly connected and verified.

Actual behavior

Codex RPC probing may run automatically as part of startup/background refresh/settings lifecycle. Because RPC mode starts the local Codex CLI, this can indirectly trigger the ChatGPT browser login flow.

Why this matters

RPC probing is an active operation with side effects. It can launch a subprocess and may trigger authentication UI outside ClaudeBar.

A provider being available or enabled in ClaudeBar should not automatically mean ClaudeBar is allowed to start an auth-capable CLI flow.

This is related to previous Codex process-spawning issues such as #126 and #113, but the problem here is slightly different: even if process cleanup works correctly, the app should still avoid starting Codex login automatically without explicit user action.

Suggested direction

Separate these states:

  • Codex provider exists in ClaudeBar;
  • Codex provider is enabled in the UI;
  • ClaudeBar is allowed to actively probe Codex via RPC.

For Codex RPC mode, startup/background refresh should stay passive unless Codex was already explicitly connected/verified.

If Codex is not connected or not yet checked, the UI could show a passive state such as:

Codex CLI session not checked. Click Refresh or Connect to check Codex status.

RPC mode copy could also clarify:

RPC mode uses the local Codex CLI. ClaudeBar will not start Codex login automatically.

The expected fix can be small: prevent automatic Codex RPC probing from launching Codex unless the user explicitly requested it.

Environment

  • ClaudeBar version:
  • macOS version:
  • Codex CLI version:
  • Codex probe mode: RPC
  • Codex auth state: not authenticated / expired / unknown

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions