From 7b1220bdf151f7036a4081c2636b89058bcb3b2a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christopher=20M=C3=BChl?= Date: Thu, 9 Apr 2026 11:05:02 +0200 Subject: [PATCH] docs(01): resolve open research questions --- .../01-minimal-viable-sandbox/01-RESEARCH.md | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/.planning/phases/01-minimal-viable-sandbox/01-RESEARCH.md b/.planning/phases/01-minimal-viable-sandbox/01-RESEARCH.md index 1c49209..ef04b09 100644 --- a/.planning/phases/01-minimal-viable-sandbox/01-RESEARCH.md +++ b/.planning/phases/01-minimal-viable-sandbox/01-RESEARCH.md 
@@ -401,22 +401,16 @@ Note: `--symlink` creates `TARGET LINK_NAME` (dest is the symlink path). The `en | A4 | jq, ripgrep, fd are standard nixpkgs packages | Standard Stack | Build would fail if package names differ | | A5 | flake.nix structure with writeShellApplication + builtins.readFile | Code Examples | Nix build would fail if API differs | -## Open Questions +## Open Questions (RESOLVED) 1. **Claude Code source: host vs flake input** - - What we know: Host has claude-code 2.1.70 (custom derivation with MCP injection), nixpkgs has 2.0.51 - - What's unclear: Should claudebox depend on the host's claude or bundle its own? - - Recommendation: Discover claude from host PATH at runtime (`CLAUDE_BIN=$(command -v claude)`). This avoids version management and respects the host's claude-code configuration. The script should fail fast with a clear error if `claude` is not found. + - RESOLVED: Discover claude from host PATH at runtime (`CLAUDE_BIN=$(command -v claude)`). This avoids version management and respects the host's claude-code configuration. The script fails fast with a clear error if `claude` is not found. 2. **XDG_RUNTIME_DIR inside sandbox** - - What we know: It's in the allowlist (SAND-03), typically `/run/user/1000` on the host - - What's unclear: Whether to bind-mount the host's XDG_RUNTIME_DIR or create a tmpfs one - - Recommendation: Set `--setenv XDG_RUNTIME_DIR /tmp` inside the sandbox (D-04 says sandbox-generated). Don't mount the host's runtime dir as it may contain secret sockets. + - RESOLVED: Set `--setenv XDG_RUNTIME_DIR /tmp` inside the sandbox (D-04 says sandbox-generated). Don't mount the host's runtime dir as it may contain secret sockets. 3. **`~/.claudebox` creation** - - What we know: SAND-08 says bind-mount `~/.claudebox` as `~/.claude` - - What's unclear: Who creates `~/.claudebox` if it doesn't exist? - - Recommendation: Script should `mkdir -p ~/.claudebox` before bwrap invocation if it doesn't exist. 
+ - RESOLVED: Script does `mkdir -p ~/.claudebox` before bwrap invocation if it doesn't exist. ## Environment Availability
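Review bot: In resolved item 2, `--setenv XDG_RUNTIME_DIR /tmp` points the runtime dir at a general-purpose temp directory, while the XDG Base Directory spec expects that directory to be owned by the user with mode 0700. The resolution should either state that `/tmp` inside the sandbox is a private tmpfs that meets this, or use a dedicated sandbox-generated directory with mode 0700 and set the variable to that. Not mounting the host's runtime dir is the right call and should stay. In item 3, `mkdir -p ~/.claudebox` creates the directory with whatever the umask allows; since it is bind-mounted as `~/.claude`, consider resolving this as `mkdir -p -m 700 ~/.claudebox`, or note why default permissions are acceptable. Documentation point for items 1 and 3: the wording moved from "should fail fast" and "Script should" to "fails fast" and "Script does", which reads as implemented behaviour in a research document. If the script does not exist yet, keep it phrased as a decision. The removed "What we know" lines also held the only rationale for item 1 (host claude-code 2.1.70 with MCP injection versus nixpkgs 2.0.51), so a one-line summary of that under the RESOLVED entry would keep the decision traceable.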