Developers said OpenAI’s latest Codex CLI update hides instructions passed between parent and sub-agents, after Multi-Agent V2 moved more orchestration into runtime and stopped exposing readable delegation text.
A merged GitHub request said the new path encrypts the message argument between model calls, with Codex forwarding ciphertext and Responses decrypting it internally for the recipient model.
Users linked the loss of visibility to Multi-Agent V2, and one said reverting to the previous CLI version restored readable instructions only as a temporary workaround.
Zolvat CTO Ignat Remizov proposed keeping encrypted delivery while adding a separate plaintext audit field in rollout, history and trace metadata so teams can inspect delegated tasks.
Analysts said hidden instruction traces could hinder debugging, compliance and incident review, especially in regulated sectors, and may slow enterprise deployment of mission-critical multi-agent systems.
Is OpenAI sacrificing enterprise trust for model secrecy with its new encrypted AI agents?
As AI agents become black boxes, how can businesses ensure compliance and avoid liability?
Encryption vs. Transparency: The Codex Multi-Agent V2 Auditability Controversy and Its Impact on Developers and Compliance
Overview
OpenAI’s update to Codex Multi-Agent V2 introduced encrypted inter-agent instructions, fundamentally changing how developers monitor and debug their systems. While this encryption aims to enhance privacy and security, it has led to a loss of crucial auditability and visibility into agent communications. Developers can no longer access plaintext records, making it difficult to trace errors and understand agent behavior. This shift has sparked strong community backlash, as the lack of transparency hinders troubleshooting and development. The core issue centers on balancing security with the essential need for local debugging and clear insight into multi-agent collaborations.