-
toph released this
2026-04-10 08:05:58 +00:00 | 45 commits to main since this releaseDelivered: Nix-packaged bwrap sandbox wrapper for Claude Code with full secret isolation.
Key accomplishments:
- bwrap sandbox with clearenv, env allowlist, tmpfs root, secret path hiding
- CLI with --check, --dry-run, --shell diagnostic modes
- Pre-launch env audit with grouped display and sensitive value masking
- SANDBOX.md generation for sandbox-aware prompting
- Cross-distro support (NixOS + standard Linux)
See .planning/MILESTONES.md for full details.
Downloads
-
Source code (ZIP)
1 download
-
Source code (TAR.GZ)
1 download