OpenAI integrates Codex into ChatGPT Work, raises security concerns

Serge Bulaev

Serge Bulaev

OpenAI has added Codex to ChatGPT Work, letting the assistant help with reading documents, running code, and editing files inside a workspace. Early reviews suggest companies see faster document and code work, but also worry about security, especially if teams do not control access and monitor use. Research shows that up to a third of prompts may include sensitive data, and there are risks like "shadow AI" use, weak logging, and possible bad advice from the assistant. Experts suggest strict security steps may reduce, but not fully remove, these risks. Whether ChatGPT Work brings lasting benefits appears to depend on strong rules, security controls, and regular checks.

OpenAI integrates Codex into ChatGPT Work, raises security concerns

OpenAI integrated Codex into ChatGPT (available to Pro, Business, Enterprise, and Plus users), where it acts as a coding agent that reads files, executes code in a sandbox, and manages GitHub repositories, but no product named 'ChatGPT Work' exists. While early adopters report significant productivity gains in document and code generation, they also raise urgent security concerns. Key risks include data leakage from sensitive prompts, "shadow AI" from unsanctioned use, and inadequate audit trails. Experts agree that while robust security measures can mitigate these issues, they cannot be fully eliminated. The ultimate success of ChatGPT's coding capabilities will depend on a foundation of strong governance, rigorous security controls, and consistent monitoring.

OpenAI folds Codex into ChatGPT superapp

OpenAI integrates Codex into ChatGPT, evolving its AI assistant from a prompt-reply bot to a powerful workplace collaborator capable of executing multi-step projects. While enterprises see massive potential for accelerating document drafting and coding, this new power also raises immediate and critical questions about security and governance. Industry reports highlight a critical factor for success: security teams must own access controls and monitoring from day one. Security experts warn that without this direct oversight, incidents of "shadow AI" - where staff use personal accounts for company data - dramatically increase.

The integration of Codex into ChatGPT equips the AI with the ability to understand context from documents, access a terminal, execute code, and perform complex tasks like editing spreadsheets or querying databases. This transforms the tool from a conversational bot into an autonomous agent for completing work.

Running on GPT-5.6 Sol, Codex now powers ChatGPT's coding capabilities. Demonstrations show the agent reading a design brief, opening an embedded terminal to execute scripts, and returning annotated pull requests. OpenAI confirms a context window of approximately 512K tokens - sufficient for most codebases. The workflow also extends to editing spreadsheets, querying databases, and updating presentations directly within the chat interface.

Governance and security hurdles

Industry research identifies recurring security and governance challenges:

• Shadow AI usage that blinds security teams.
• A significant portion of prompts containing source code, personal data, or financial figures.
• Native logs that lack structured audit trails for SOX and HIPAA evidence.
• Hallucinated technical advice that could create liability.
• Aggregate usage dashboards that cannot attribute costs to individual projects.

Security analysts connect these vulnerabilities to major compliance frameworks like the EU AI Act, NIS2, HIPAA, and GDPR. To address them, experts recommend implementing familiar IT infrastructure and policy controls.

  • Mandatory Single Sign-On and SCIM provisioning lock every session to corporate identity.
  • Prompt-level Data Loss Prevention screens sensitive strings before they reach the model.
  • A third-party governance layer captures prompts and outputs for automated evidence packs.
  • Quarterly plugin reviews limit scope creep as assistants gain file-system and SaaS access.

While these controls significantly reduce risk, experts caution that they do not eliminate it. Security experts emphasize that the "real attack surface is the prompt channel," highlighting the persistent danger of data leakage through user input.

Competitive context

In the workplace assistant market, OpenAI faces two main competitors. Microsoft Copilot is deeply integrated into Office applications for a monthly fee, while Google Gemini for Workspace offers various capabilities. While context windows and strengths vary by model, general data shows 98% of organizations report unsanctioned AI use:

Feature ChatGPT Microsoft Copilot Google Gemini
Context window ~512K tokens 128K-400K Varies by model
Strength Deep reasoning, coding Office productivity integration Native multimodal research
Adoption metric Growing usage Dominant in Microsoft 365 estates Growing in Google Workspace users

This competitive landscape forces CIOs to weigh the benefits of a flexible, independent tool against the convenience of ecosystem lock-in. ChatGPT appeals to teams needing a versatile coding and creative canvas, while Copilot is the natural choice for Microsoft-centric organizations. Gemini excels in scenarios involving large document sets or multimedia assets.

Industry research indicates a shift in programmer roles. While studies show productivity boosts for routine tasks, more complex work can slow down as senior engineers must carefully validate AI-generated code. Successful adoption teams typically spend their first two months mapping sensitive workflows, finalizing Data Protection Agreements, and piloting governance tools before a wider rollout.

Ultimately, while ChatGPT demonstrates the power to execute code and draft documents within a single interface, its long-term productivity value hinges on disciplined security protocols, clear usage policies, and continuous auditing.


What exactly is ChatGPT's coding capabilities?

ChatGPT is OpenAI's super-app that blends the latest Codex coding engine with the GPT-5.6 Sol language model inside one chat window.
Unlike a normal chatbot, it can read your company files, write code, run that code, and ship finished artifacts without asking you to copy-paste anything elsewhere.
Early testers inside OpenAI already use it for multi-step repo migrations, live data analysis and automatic documentation, moving the assistant from "answerer" to teammate.

How is ChatGPT different from Microsoft Copilot or Google Gemini?

Stand-out point ChatGPT Microsoft Copilot Google Gemini for Workspace
Model flexibility GPT-5.6 Sol - scores 53.6 on Agents' Last Exam and 80 on the Artificial Analysis Coding Agent Index Models via Azure (specific version not publicly confirmed) Gemini models (version varies)
In-chat execution Full Python / Bash runtime inside the same thread Limited to Excel formulas & Power-Automate flows No code runner inside Docs/Sheets
Workflow depth Can plan, code, test and open pull-requests in one session Focused on single-document tasks Strong on research, weak on execution

Bottom line: choose ChatGPT when you need agent-style coding; stay with Copilot for Office-heavy teams and Gemini for massive-document analysis.

Which security risks appear when an AI writes and runs code on company data?

  1. Shadow usage - A significant portion of enterprise prompts leak source code, PII or financials according to industry reports.
  2. Prompt injection - every file the assistant can read is a potential attack vector.
  3. Audit gaps - native OpenAI logs are too coarse for SOX, HIPAA, EU AI Act evidence.
  4. Hallucinated dependencies - the model may suggest malicious packages that look legitimate.

Experts recommend a third-party governance layer that enforces real-time DLP, SSO and automated evidence collection before any code is executed.

Will developers lose their jobs to this new autonomous coding?

Industry reports show Codex is already used by many engineers, but roles are shifting rather than disappearing.

Task category Impact
Boilerplate, tests, simple refactors Significant speed-up
Familiar, complex modules Often slower due to review overhead
Entry-level coding jobs Highest displacement risk
Architecture & integration work Still human-led; demand rising for engineers who can direct, secure and audit AI output

So the short answer is no wholesale layoffs, but junior "code-only" positions shrink while AI-savvy senior engineers become more valuable.

How should an enterprise pilot ChatGPT safely?

  1. Sign an Enterprise contract that includes a Data Protection Agreement and Zero Data Retention.
  2. Route every login through corporate SSO + SCIM - no consumer accounts.
  3. Deploy a governance platform (prompt DLP, cost attribution, compliance mapping).
  4. Start with low-risk sandboxes - internal tools, docs, dev-test environments.
  5. Maintain an Acceptable Use Policy that lists off-limit data and requires human review of any AI-generated code before it reaches production.

Following this governed rollout keeps security teams, auditors and regulators satisfied while teams gain the productivity benefits already confirmed in controlled trials.