security: disable OpenAI Codex due to mass surveillance concerns

[AndrewAltimit]

Summary

• Disables all OpenAI Codex integration across pipelines, MCP config, and CLI tooling due to OpenAI's partnerships with governments conducting mass surveillance and enabling autonomous weapons
• Adds a prominent security notice to README.md explaining the rationale and recommending Anthropic Claude as the primary alternative
• Updates all documentation references (AGENTS.md, site/docs.html, mcp-ai-consult crate) to reflect the change

All Codex code is disabled, not removed -- original configurations and scripts are preserved but bypassed (commented out in YAML, early-exit in shell scripts, renamed key in JSON).

Files changed (9)

File	Change
README.md	New "Security Notice: OpenAI / Codex Phased Out" section
docker-compose.yml	mcp-codex service commented out with deprecation notice
.mcp.json	Codex entry renamed to _codex_DISABLED_SECURITY_RISK, command changed to echo
tools/cli/agents/run_codex.sh	Early exit with warning, original script retained below
tools/cli/containers/run_codex_container.sh	Same treatment
AGENTS.md	PR validation description updated, notes Codex disabled
site/docs.html	Same update for GitHub Pages
mcp-ai-consult/Cargo.toml	Package description updated
mcp-ai-consult/src/lib.rs	Module doc comment updated

Test plan

• Pre-commit hooks pass (fmt, clippy, 93 tests)
• Verify docker compose config --services no longer lists mcp-codex
• Verify run_codex.sh exits immediately with warning
• Verify .mcp.json is valid JSON and Claude Code does not attempt to launch Codex

Generated with Claude Code