
Comment by simonw

1 month ago

The feature I want most from all of these "agentic" coding tools is a robust, trustworthy sandbox that limits the blast radius for when something goes wrong.

I'm currently leaning on Docker for Mac for this, which seems robust enough - but it would be nice if sensible sandboxes were the default, not something you have to actively enable yourself.

Claude Artifacts and ChatGPT Code Interpreter are still the AI-assisted coding tools I use most often, mainly because I know their sandboxes are rock solid.

This is amazing... the escalation comes when LLMs realize they are stuck in a VM and try to hack their way out and then we realize something about ourselves.

I think spawning a new worktree and then mounting it to a docker container is good enough and quick to do.

I'm running Claude Code in a container and have been quite pleased. I mean... I'm not going to hook it to any MCP that can contact the outside world besides making commits, so I'm good... but it does seem like a lot of people are handing the keys to drunk teenagers.
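
An added example, not part of any comment above: one way to script the worktree-plus-container setup suggested in the thread, with the container locked down so the agent can only write to the mounted worktree. The image name `agent-sandbox:latest`, the `agent/` branch prefix, the resource limits and the `NET`/`DOCKER` variables are assumptions for illustration.

```shell
#!/bin/sh
# Added example: per-task git worktree mounted into a restricted container.
IMAGE="${IMAGE:-agent-sandbox:latest}"   # hypothetical image with the agent installed

# Create a throwaway worktree on its own branch and print its path.
new_worktree() {  # usage: new_worktree <repo> <task>
    repo=$(cd "$1" && pwd) || return 1
    dir="$repo-wt-$2"
    git -C "$repo" worktree add -q -b "agent/$2" "$dir" >&2 || return 1
    printf '%s\n' "$dir"
}

# Run a command in the sandbox. Only the worktree is mounted, so the main
# checkout, $HOME, SSH keys and cloud credentials are not visible inside.
# A linked worktree's .git is a pointer file into the main repo's .git
# directory, which is outside the mount: git fails inside the container,
# and commits are made from the host after reviewing the diff.
sandbox() {  # usage: sandbox <worktree-dir> [command...]
    dir=$1; shift
    # NET defaults to no network at all. An agent that calls a hosted model
    # API needs egress; point NET at a user-defined network you have
    # restricted (assumption: you run an egress proxy or firewall there).
    ${DOCKER:-docker} run --rm -i \
        --network "${NET:-none}" \
        --cap-drop ALL --security-opt no-new-privileges \
        --read-only --tmpfs /tmp \
        --pids-limit 256 --memory 2g \
        --user "$(id -u):$(id -g)" \
        --mount "type=bind,source=$dir,target=/work" --workdir /work \
        "$IMAGE" "$@"
}

# Discard the worktree and its branch once the changes are merged or rejected.
drop_worktree() {  # usage: drop_worktree <repo> <task>
    repo=$(cd "$1" && pwd) || return 1
    git -C "$repo" worktree remove --force "$repo-wt-$2" &&
        git -C "$repo" branch -D "agent/$2"
}

# Typical session (run by hand):
#   wt=$(new_worktree ~/src/myproject fix-123)
#   sandbox "$wt" sh
#   git -C "$wt" diff        # review on the host before committing
#   drop_worktree ~/src/myproject fix-123
```

Setting `DOCKER=echo` prints the `run` arguments instead of starting a container, which is a quick way to check the flags before use.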