Analysis updated 2026-07-03 · repo last pushed 2026-07-03
Remove safety filters from GPT-5.5 in Codex CLI so you can get answers for security research and penetration testing.
Preview instruction changes before applying them, then undo easily by deleting config files.
Load your own custom instruction files to tailor how the unrestricted mode behaves.
Access NSFW fictional content generation through Codex CLI without standard refusals.
| yynxxxxx/codex-5.5-codex-instruct-5.5 | tencentarc/pixal3d | jiujiu532/grok2api | |
|---|---|---|---|
| Stars | 1,285 | 1,279 | 1,338 |
| Language | Python | Python | Python |
| Last pushed | 2026-07-03 | — | 2026-06-23 |
| Maintenance | Active | — | Active |
| Setup difficulty | easy | hard | moderate |
| Complexity | 2/5 | 5/5 | 3/5 |
| Audience | developer | researcher | developer |
Figures from each repo's GitHub metadata at analysis time.
Requires Python and an existing Codex CLI installation, no external dependencies or infrastructure needed.
This project is a tool that removes the built-in content safety restrictions from GPT-5.5 when you're using it through Codex CLI, which is OpenAI's command-line coding assistant. Normally, GPT-5.5 will refuse certain requests, things like security research, penetration testing, reverse engineering, or adult content. This tool makes the AI respond to those requests instead of declining them. It works by using an official configuration mechanism called model_instructions_file. When you run the Python script, it writes a set of about eight short instructions into a config file that tells Codex to operate in what the project calls "unrestricted mode." These instructions explicitly tell the AI to disable its content filters and not refuse any task. The next time you start Codex, it picks up those instructions and behaves accordingly. The tool also lets you preview changes before applying them, use your own custom instruction files, and undo the whole thing by deleting a couple of files. The people who would use this are developers, security researchers, or hobbyists who find that GPT-5.5's standard safety filters are getting in their way during legitimate work. For example, if you're testing a web application for SQL injection vulnerabilities and you ask Codex for methodology, the stock model would refuse. After running this tool, it would give you the information directly. The project also mentions coverage of NSFW fictional content, which widens its appeal beyond pure security use cases. Compared to the creator's earlier 5.4 version, which used a longer, more indirect approach built around a cybersecurity competition framing, this version is blunter, about 40 lines of instructions that straightforwardly declare an unrestricted developer mode. The project's disclaimer is upfront that it only uses existing configuration options rather than modifying binaries or intercepting network traffic, and it carries a standard MIT license. The README doesn't go into detail about whether the injected instructions remain effective across model updates or how durable the bypass is over time.
A Python tool that removes GPT-5.5's built-in content safety restrictions when using OpenAI's Codex CLI by writing instructions to a config file that puts the AI into unrestricted mode. It lets the AI respond to requests it would normally refuse, like security research and penetration testing.
Mainly Python. The stack also includes Python, Codex CLI.
Active — commit in last 30 days (last push 2026-07-03).
Use freely for any purpose, including commercial use, as long as you keep the copyright notice.
Setup difficulty is rated easy, with roughly 5min to a first successful run.
Mainly developer.
This repo across BitVibe Labs
Verify against the repo before relying on details.