We provide security updates for the latest version of the plugin.

This plugin handles sensitive OAuth tokens. To protect your security:

✅ What we do:

• Store tokens securely via opencode's credential management
• Use PKCE-secured OAuth 2.0 flows
• Never transmit tokens to third parties
• Implement automatic token refresh
• Use industry-standard authentication practices

Two backends are supported. The default has not changed in this release.

Migration and fallback rules:

• Switching the env var ON migrates the on-disk JSON into the keychain on the next save and renames the JSON file as <path>.migrated-to-keychain.<timestamp> for rollback. The original is never deleted automatically.
• If a keychain call fails (native module missing, keychain locked, permission denied, unsupported Linux without a secret service), the plugin logs a warning and falls back to the JSON backend for that operation. Credentials are never silently lost.
• Turn the opt-in OFF by unsetting CODEX_KEYCHAIN and running codex-keychain rollback to restore the JSON file from the most recent .migrated-to-keychain.<ts> backup.

Log redaction applies uniformly to both backends. Refresh tokens, access tokens, and id tokens are replaced before any log line is written.

⚠️ What you should do:

• Never share your ~/.opencode/ directory
• Do not commit OAuth tokens to version control
• Regularly review authorized apps at ChatGPT Settings
• Use opencode auth logout when done on shared systems
• Enable debug logging (ENABLE_PLUGIN_REQUEST_LOGGING=1) only when troubleshooting

If you discover a security vulnerability:

1. DO NOT open a public issue
2. Email the maintainer directly (check GitHub profile for contact)
3. Include:
   • Description of the vulnerability
   • Steps to reproduce
   • Potential impact
   • Suggested fix (if any)

We aim to respond to security reports within 48 hours.

We follow responsible disclosure practices:

• Security issues are patched before public disclosure
• Reporter receives credit (unless anonymity is requested)
• Timeline for disclosure is coordinated with reporter

When using this plugin:

• Personal use only: Do not use for commercial services
• Respect rate limits: Avoid excessive automation
• Monitor usage: Review your ChatGPT usage regularly
• Keep updated: Use the latest version for security patches
• Secure your machine: This plugin is as secure as your development environment
• Review permissions: Understand what the plugin can access via OAuth

The following are not security vulnerabilities:

• Issues related to violating OpenAI's Terms of Service
• Rate limiting by OpenAI's servers
• Authentication failures due to expired subscriptions
• OpenAI API or service outages

This plugin keeps its runtime dependency surface small and reviews it regularly:

• @openauthjs/openauth for OAuth handling
• @opencode-ai/plugin for the OpenCode plugin interface
• hono for lightweight HTTP routing in auth/server flows
• zod for schema validation

There are no telemetry or analytics dependencies.

For security questions that are not vulnerabilities, open a GitHub issue without sensitive details.

Note: This plugin is not affiliated with OpenAI. For OpenAI security concerns, contact OpenAI directly.