Created
May 4, 2026 13:56
-
-
Save spelufo/d95dad054e97dbaa15538ff365afa013 to your computer and use it in GitHub Desktop.
Quick and dirty osx sandbox for coding agents
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sbox() { | |
| sandbox-exec -f ~/bin/dotfiles/osx/sandbox.sb -D DIR="$(pwd)" "$@" | |
| } | |
| alias pi='sbox pi' | |
| alias piro='sbox pi --tools read,grep,find,ls' | |
| alias claude='sbox claude' | |
| alias oc='sbox opencode' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ; Configuration to prevent coding agents from touching user files outside the current directory. | |
| (version 1) | |
| (debug deny) | |
| (allow default) | |
| (deny file* | |
| (regex "^/Users/spelufo/[^.]")) | |
| (allow file* | |
| (subpath "/Users/spelufo/bin") | |
| (subpath (param "DIR"))) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment