Comment by OriginalPenguin
11 hours ago
My experience with any built-in sandboxing for these command line tools has been awful.
What I've done instead is build a script to create a disposable virtual machine (using incus to manage it).
And then I just run the CLI inside the virtual machine and delete the VM at the end of each day.
Same, this has been a challenge since my development machine also has access to banking/personal sensitive data. I would really like to run with `--dangerously-skip-permissions` (or equivalents) without too much worry.
Local VMs are heavyweight but useful if you are sandboxing an entire IDE/GUI app like Cursor. With containers it's somewhat annoying to share local files - Distrobox helps with GUI apps and mounting the home directory but loses sandboxing. I have been curious about Flatpak/bubblewrap, but haven't had time to try it.
For now I've settled on containers, but I would like to shift to a remote VM like I have at work.
I'm curious why seemingly none of those projects tried using browsers' JS/wasm execution as a sandbox instead.
I built a pi extension. Pi repo has an example extension that uses Anthropic's sandbox which is a total buggy mess. (To be clear, that's Anthropic's sandbox itself, not the pi extension wrapper which is fine.)
I dug into it a little bit to see about improving things there, but decided to write a minimal version that better suited my needs instead.