Findings

• [Major] Unbounded image payload forwarding can exceed request limits and cause avoidable memory pressure — images are read and base64-encoded up to 10MB each, then every encoded image is appended to the same Codex request without a combined cap (apps/desktop/src/main/prompt-context.ts:43, apps/desktop/src/main/prompt-context.ts:109, apps/desktop/src/main/prompt-context.ts:155, apps/desktop/src/main/codex-generate.ts:157).
  Suggested fix:

  const MAX_TOTAL_IMAGE_BYTES = 4_000_000;
  let totalImageBytes = 0;
  
  for (const attachment of input.attachments) {
    if (!attachment.imageDataUrl) continue;
    const b64 = attachment.imageDataUrl.slice(attachment.imageDataUrl.indexOf(',') + 1);
    const bytes = Math.floor((b64.length * 3) / 4);
    if (totalImageBytes + bytes > MAX_TOTAL_IMAGE_BYTES) {
      throw new CodesignError(
        'Attached images are too large in total for ChatGPT Codex. Reduce image count/size.',
        ERROR_CODES.ATTACHMENT_TOO_LARGE,
      );
    }
    totalImageBytes += bytes;
    userContent.push({ type: 'input_image', image_url: attachment.imageDataUrl, detail: 'auto' });
  }

Summary
Review mode: initial

• 1 issue found (Major), introduced by the current diff.
• docs/VISION.md and docs/PRINCIPLES.md were not available in this checkout (Not found in repo/docs), so principle/vision checks were limited to in-repo code and CLAUDE.md.

Testing

• Not run (automation). Add a Vitest case that enforces a combined image-byte limit and verifies a typed error is surfaced.

open-codesign Bot

Findings

• None.

Summary

• Review mode: follow-up after new commits
• No new issues found in the latest diff. The previously flagged aggregate image-size risk is now guarded by a total-byte cap with a typed error path (apps/desktop/src/main/codex-generate.ts).
• docs/VISION.md and docs/PRINCIPLES.md: Not found in repo/docs.

Testing

• Not run (automation). Residual gap: no explicit test for malformed/non-base64 imageDataUrl inputs.

open-codesign Bot

Findings

• None.

Summary

• Review mode: follow-up after new commits
• No new high-confidence issues found in added/modified lines of the latest PR diff.
• docs/VISION.md and docs/PRINCIPLES.md: Not found in repo/docs.
• Residual risk: coverage is layer-local; not found in changed tests is an end-to-end assertion that a desktop image attachment is propagated through core.generate into provider userImages on the openai-codex-responses route.

Testing

• Not run (automation).

open-codesign Bot

Findings

• [Major] Silent drop of malformed image attachments on Codex wire — attachmentToImageInput returns null when imageDataUrl does not match the expected prefix, and imageInputsForWire filters those out without surfacing an error. This violates the project hard constraint that fallbacks must not be silent and can cause user-attached images to be omitted from model input with no UI signal. Evidence: packages/core/src/index.ts:176, packages/core/src/index.ts:190.
  Suggested fix:

  function attachmentToImageInput(attachment: AttachmentContext): { data: string; mimeType: string } | null {
    if (!attachment.imageDataUrl || !attachment.mediaType) return null;
    const prefix = `data:${attachment.mediaType};base64,`;
    if (!attachment.imageDataUrl.startsWith(prefix)) {
      throw new CodesignError(
        `Malformed image attachment payload for ${attachment.name}`,
        ERROR_CODES.ATTACHMENT_READ_FAILED,
      );
    }
    return {
      data: attachment.imageDataUrl.slice(prefix.length),
      mimeType: attachment.mediaType,
    };
  }

Summary

• Review mode: follow-up after new commits
• 1 issue found (silent fallback on malformed image payload handling).
• docs/VISION.md and docs/PRINCIPLES.md were referenced in the PR template but are not present in this checkout (Not found in repo/docs), so constraint alignment was validated against CLAUDE.md plus diffed code paths only.

Testing

• Not run (automation)