A macOS sandbox wrapper for Claude Code that restricts file system access to project directories while blocking sensitive folders, providing secure isolated execution with automatic package manager detection.
git clone https://github.com/Greitas-Kodas/claudebox.gitclaudebox wraps Claude Code in macOS sandbox-exec to create an isolated execution environment that restricts file system access to your project directory while blocking access to sensitive folders like ~/.ssh, ~/.aws, and ~/Documents. It automatically detects installed package managers including Homebrew, npm, nvm, fnm, nodenv, and Nix, then generates a dynamic sandbox profile tailored to your development environment. The tool provides configurable process limits, comprehensive logging, and dry-run modes for testing. This is useful for developers who want to run Claude Code with additional security guarantees, prevent accidental access to sensitive data, or audit exactly what resources Claude can interact with during code generation and execution.
Clone the repository and run `chmod +x claudebox && ./claudebox` in your project directory, or install globally with `sudo cp claudebox /usr/local/bin/`. Enable debug output with `CLAUDEBOX_VERBOSE=1` or use dry-run mode with `CLAUDEBOX_DRY_RUN=1` to preview execution. Customize behavior via `~/.claudeboxrc` configuration file or environment variables like `CLAUDEBOX_CONFIG`.
Running Claude Code in isolated sandbox for untrusted prompts or code generation tasks
Preventing accidental access to sensitive files like SSH keys or AWS credentials
Auditing and controlling which system resources Claude can access during development
Securing multi-project development environments with strict file system boundaries
No install command available. Check the GitHub repository for manual installation instructions.
git clone https://github.com/Greitas-Kodas/claudeboxCopy the install command above and run it in your terminal.
Launch Claude Code, Cursor, or your preferred AI coding agent.
Use the prompt template or examples below to test the skill.
Adapt the skill to your specific use case and workflow.
Create a secure macOS sandbox environment for [COMPANY] using Claude Code to process [DATA] from [INDUSTRY]. Ensure the environment is isolated and follows best practices for security and data handling.
```markdown # Secure macOS Sandbox Environment for Data Processing ## Environment Setup - **Isolation Level**: Full process isolation with restricted network access - **Resource Limits**: CPU: 2 cores, Memory: 4GB, Disk: 20GB - **Security Measures**: Read-only file system, no external network access, sandboxed terminal ## Data Processing Workflow 1. **Data Ingestion**: Securely import [DATA] from [INDUSTRY] sources 2. **Data Processing**: Execute [COMPANY]'s data processing scripts in the isolated environment 3. **Output Handling**: Export processed data to a secure, encrypted location ## Security Compliance - **Audit Logs**: Detailed logs of all actions performed within the sandbox - **Data Encryption**: All data at rest and in transit is encrypted using AES-256 - **Access Control**: Role-based access control (RBAC) to ensure only authorized personnel can access the sandbox ## Monitoring and Maintenance - **Real-time Monitoring**: Continuous monitoring of the sandbox environment for any suspicious activities - **Automated Backups**: Regular backups of the sandbox environment to ensure data integrity - **Regular Updates**: Frequent updates to the sandbox environment to patch any security vulnerabilities ```
AI assistant built for thoughtful, nuanced conversation
Streamline banking integrations for smarter business
Get more done every day with Microsoft Teams – powered by AI
Automate your spreadsheet tasks with AI power
Agentic AI Workflow platform
Connected workspace for docs, wikis, and projects
Take a free 3-minute scan and get personalized AI skill recommendations.
Take free scan