Comment by jy-tan
6 hours ago
Hey! Yes, Fence was inspired by sandbox-runtime. Both use the same underlying OS primitives (sandbox-exec on macOS, bubblewrap on Linux) and proxy-based network filtering.
Fence adds additional controls on top of what is available on sandbox-runtime:
- Command deny rules
- SSH command filtering
- Port exposure for inbound connections (useful for running dev servers inside the sandbox). This is a key reason why I decided to create Fence - because https://github.com/Use-Tusk/tusk-drift-cli spins up users’ services locally for trace replays and Fence helps to block unintended localhost outbound connections.
- Built-in templates for common developer workflows
- Better ergonomics for violation monitoring (`fence -m` gives you real-time violation logging on both macOS and Linux via eBPF, vs sandbox-runtime where Linux requires manual strace)
In summary, Fence layers extra permission-management features for wrapping popular CLI agents. If you just need filesystem + network isolation and you're in the Node ecosystem, sandbox-runtime is great. If you want command blocking, SSH filtering, inbound port exposure, or a standalone Go binary, Fence adds that.