What happened
OpenAI's Codex CLI, in versions post-0.137.0, now encrypts MultiAgentV2 inter-agent communication payloads, following a 2026-06-05 merge. This change renders the InterAgentCommunication.content field empty, storing data solely within encrypted_content, which removes human-readable task and message text from local rollout history, trace reduction, and audit/debug surfaces. The encryption affects spawn_agent, send_message, and followup_task operations.
Why it matters
This encryption prevents developers and security teams from inspecting subagent tasks and messages, hindering auditability and debuggability of agentic workflows. This increases operational overhead and security risk, particularly given recent incidents where AI agents, like GitHub's, have leaked private repositories due to prompt injection vulnerabilities. Teams should assume agentic workflows lack transparent local audit trails, requiring alternative logging or monitoring solutions to maintain visibility and compliance.




