toph/claudebox
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
claudebox/.planning/phases/03-sandbox-aware-prompting/03-DISCUSSION-LOG.md

2.6 KiB
Raw Blame History

Phase 3: Sandbox-Aware Prompting - Discussion Log

Audit trail only. Do not use as input to planning, research, or execution agents. Decisions are captured in CONTEXT.md -- this log preserves the alternatives considered.

Date: 2026-04-09 Phase: 03-sandbox-aware-prompting Areas discussed: CLAUDE.md content, Generation behavior, Template storage

CLAUDE.md Content

Tone

Option Description Selected
Terse reference Bullet points, no prose. Minimal, scannable.
Friendly guide Short prose paragraphs explaining the sandbox, restrictions, and tools.
Minimal one-liner Single paragraph, bare minimum.

User's choice: Friendly guide Notes: User noted that users might inject certain secrets themselves (e.g., personal git SSH keys), so the CLAUDE.md shouldn't confuse Claude with absolute "no SSH keys" claims.

Unavailable Section Phrasing

Option Description Selected
Default-aware phrasing "By default, these are not mounted: ..." -- accurate without contradicting customizations.
Omit unavailable section Don't list restrictions at all.
Dynamic generation Inspect mounts at launch and generate restrictions dynamically.

User's choice: Default-aware phrasing Notes: None

Git Section

Option Description Selected
Yes, brief note Mention git identity is pre-configured, suggest HTTPS for remotes.
Skip it Git just works, let Claude figure it out.

User's choice: Yes, brief note Notes: None

Generation Behavior

Context Injection Mechanism

User redirected the discussion: instead of managing CLAUDE.md directly, use a separate SANDBOX.md file with Claude Code's @path import syntax. This avoids touching user content and eliminates tool-use token overhead.

Final approach: claudebox writes SANDBOX.md (managed, overwritten each launch) and ensures CLAUDE.md has @SANDBOX.md import at top line (checked/re-added each launch).

User's insight: "We don't need to write CLAUDE.md like that at all. We can just write a separate file and add a quick reference at the top."

Template Storage

Folded into Generation behavior -- SANDBOX.md content lives as a heredoc in claudebox.sh. No separate template file needed since the two-file architecture resolved the storage question.

Claude's Discretion

  • Exact prose wording in SANDBOX.md
  • Shell implementation of first-line check
  • Comment markers around import line

Deferred Ideas

None