False-positive “high-risk cyber activity” flag blocks gpt-5.3-codex in Codex CLI

[slurrr]

Summary:
My account is being incorrectly flagged for “potentially high-risk cyber activity,” and requests are being routed to gpt-5.2 instead of gpt-5.3-
codex. I’m a solo developer using Codex CLI for normal local development (Python app debugging, SQLite, specs/docs). No cybersecurity-related
activity intended.

Banner text (verbatim):
“⚠ Your account was flagged for potentially high-risk cyber activity and this request was routed to gpt-5.2 as a fallback. To regain access to
gpt-5.3-codex, apply for trusted access: https://chatgpt.com/cyber or learn more: https://developers.openai.com/codex/concepts/cyber-safety”

Impact:

• Prevents access to the model I’m paying for (gpt-5.3-codex).
• Disrupts workflow and performance/behavior is different on fallback model.

When:

• First observed: Feb 18th, 04:00 UTC
• Still happening as of: Feb 18th, 05:00 UTC

Environment:

• Product: Codex CLI
• OS: [Windows + WSL2 Ubuntu / Linux / macOS] (if relevant)
• Workspace: local repo for a trading journal (Python/FastAPI/SQLite)
• Typical commands: rg, sqlite3, running Python scripts, gdb for crash traces

Request:
Please review and remove the flag / restore access to gpt-5.3-codex. If specific content triggered it, I’d like to know what pattern caused the
false positive so I can avoid it.

Attachments:

thread ID 019c3390-5f0c-7721-a288-1d0db306e14e

[github-actions]

Potential duplicates detected. Please review them and close your issue if it is a duplicate.

• Cybersecurity Block for Benign Use #12070
• Flagged for high-risk cyber activity when not even using gpt-5.3-codex #12065
• False positive cyber-safety rerouting (GPT-5.3-Codex → GPT-5.2 fallback) #12064
• False positive cyber-risk rerouting (routed to GPT-5.2) #12060
• Flagged accounts - larger concerns #12079

Powered by Codex Action

[etraut-openai]

@slurrr, have you successfully gone through the Trusted Access verification process?

[khzaw]

@etraut-openai Facing a similar issue. Just happened. In my case, I have submitted all verification documents, but I keep facing "Your identity couldn't be verified or your account is ineligible at this time". I don't do anything even remotely cybersecurity stuffs.

[sushiionwest]

Having the same issue here.

[slurrr]

@etraut-openai I have not

[etraut-openai]

@slurrr, OK thanks for confirmation. That's the mechanism we have in place currently for restoring access to gpt-5.3-codex if your account is flagged.

As noted in our documentation: "We recognize that joining Trusted Access may not be a good fit for everyone, so we plan to move from account-level safety checks to request-level checks in most cases as we scale these mitigations and strengthen cyber resilience."