Comment by agentifysh

hi there

i came up with SafeExec to avoid heavy sandboxes or docker and a fast easy way to catch codex/claude from running/hallucinating destructive commands and it has been tested on mac and linux

being bash doesn't erode its ability to act as a goal keeper but looks like you are after sandbox which is overkill for the scope