Comment by No1

12 hours ago

As luck would have it, I tried Antigravity for the first time a few days ago.

It was a complete buggy mess - at one point I asked Gemini why it could not use the network despite having network access enabled in the sandbox settings, and it told me that although it had network access, it couldn't use mDNSResponder while running with the built-in sandbox. Like, how well thought out, network access without DNS.

After burning through about 80% of my 5-hour window of credits, I finally just went sandboxless to get the thing running. It hit the limit pretty quickly. I waited until the 5 hour limit was up, and found the 5 hour window had morphed into a one week window, still drained of credits.

I thought at least I can keep on using Gemini CLI until Google figures out this Antigravity thing. Oh well.

My experience with any built in sandboxing for these command line tools has been awful.

What I've done instead is build a script to create a disposable virtual machine (using incus to manage it).

And then I just run the CLI inside the virtual machine and delete the VM at the end of each day.
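For readers who want to see what that workflow looks like as a script, here is an added example (not the commenter's own script) of a disposable-VM wrapper built on the Incus CLI. It assumes the `incus launch --vm`, `incus exec --cwd`, `incus file push -r`, `incus file pull -r` and `incus delete --force` subcommands, the `images:ubuntu/24.04` image alias on the default remote, and that a recursive push into `NAME/root/` lands the project at `/root/<basename>` inside the guest; the VM name scheme and paths are made up for the example. The guest never mounts the host's home directory, so nothing on the host is reachable from inside; the project is copied in and results are copied back out before the VM is deleted. Setting `INCUS=echo` turns it into a dry run that only prints the commands.

```shell
#!/bin/sh
# disposable-vm.sh: one throwaway Incus VM per day for running an agentic CLI.
#   ./disposable-vm.sh up            # create today's VM and copy the project in
#   ./disposable-vm.sh run <cmd...>  # run a command inside the VM's project dir
#   ./disposable-vm.sh pull          # copy the project back out of the VM
#   ./disposable-vm.sh down          # delete the VM (and everything in it)
# Added example; image alias, VM name and guest paths are assumptions.
set -eu

INCUS="${INCUS:-incus}"                 # set INCUS=echo for a dry run
IMAGE="${IMAGE:-images:ubuntu/24.04}"   # assumed alias on the default remote
PROJECT_DIR="${PROJECT_DIR:-$PWD}"      # host directory copied into the guest
PULL_DIR="${PULL_DIR:-$PWD/from-vm}"    # where results are copied back to

# One VM per calendar day: "delete at the end of the day" is just deleting today's name.
vm_name() {
    printf 'agent-%s\n' "$(date +%Y%m%d)"
}

# Guest-side location of the copied project (assumed: push -r into /root/ creates /root/<basename>).
guest_dir() {
    printf '/root/%s\n' "$(basename "$PROJECT_DIR")"
}

# Launch a real VM (separate kernel, not a container) and wait for the guest agent.
vm_up() {
    name="$(vm_name)"
    "$INCUS" launch "$IMAGE" "$name" --vm
    i=0
    until "$INCUS" exec "$name" -- true 2>/dev/null; do
        i=$((i + 1))
        [ "$i" -lt 60 ] || { echo "guest agent not ready after 2 minutes" >&2; return 1; }
        sleep 2
    done
    # Copy the project in as a tree; no host bind mounts, so the guest sees nothing else.
    "$INCUS" file push -r "$PROJECT_DIR" "$name/root/"
}

# Run the CLI (or anything else) inside the guest, in the project directory.
vm_run() {
    "$INCUS" exec "$(vm_name)" --cwd "$(guest_dir)" -- "$@"
}

# Copy the guest's copy of the project back out so the day's work survives deletion.
vm_pull() {
    mkdir -p "$PULL_DIR"
    "$INCUS" file pull -r "$(vm_name)$(guest_dir)" "$PULL_DIR/"
}

# Destroy the VM; --force stops it first if it is still running.
vm_down() {
    "$INCUS" delete --force "$(vm_name)"
}

usage() {
    echo "usage: $0 up | run <cmd...> | pull | down" >&2
}

case "${1:-}" in
    up)   vm_up ;;
    run)  shift; vm_run "$@" ;;
    pull) vm_pull ;;
    down) vm_down ;;
    *)    usage ;;
esac
```

The point of `pull` before `down` is that deletion is the only cleanup step: there is no snapshot to restore and no host directory the agent could have written to, which is what makes `--dangerously-skip-permissions`-style runs tolerable in this setup.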

  • Same, this has been a challenge since my development machine also has access to banking/personal sensitive data. I would really like to run with `--dangerously-skip-permissions` (or equivalents) without too much worry.

    Local VMs are heavyweight but useful if you are sandboxing an entire IDE/GUI app like Cursor. With containers it's somewhat annoying to share local files - Distrobox helps with GUI apps and mounting the home directory but loses sandboxing. I have been curious about Flatpak/bubblewrap, but haven't had time to try it.

    For now I've settled on containers, but I would like to shift to a remote VM like I have at work.

  • I'm curious why seemingly none of those projects tried using browsers' JS/wasm execution as a sandbox instead.

  • I built a pi extension. Pi repo has an example extension that uses Anthropic's sandbox which is a total buggy mess. (To be clear, that's Anthropic's sandbox itself, not the pi extension wrapper which is fine)

    I dug into it a little bit to see about improving things there, but decided to write a minimal version that better suited my needs instead.