- Replace --bind ~/.claudebox + --symlink with direct --bind ~/.claude ~/.claude
- Add compute_canonical_root() function using git rev-parse --git-common-dir
- Add per-project INSTANCE_DIR via sha256sum[:16] of canonical git root
- Overlay projects/ with per-project hash dir for isolated conversation history
- Overlay history.jsonl and SANDBOX.md as file-level bind mounts
- Update credential mount target from ~/.claudebox to ~/.claude
- Add CLAUDE_JSON_FILE (~/.claude.json) detection and conditional bind mount
- Remove stale CLAUDE.md injection logic (D-06: user's real CLAUDE.md used)
- Update dry-run block and print_audit to reflect new mount layout
- Update SANDBOX.md heredoc to remove ~/.claudebox reference
74 lines
2.6 KiB
Markdown
# Phase 3: Sandbox-Aware Prompting - Discussion Log

> **Audit trail only.** Do not use as input to planning, research, or execution agents.
> Decisions are captured in CONTEXT.md -- this log preserves the alternatives considered.

**Date:** 2026-04-09
**Phase:** 03-sandbox-aware-prompting
**Areas discussed:** CLAUDE.md content, Generation behavior, Template storage

---

## CLAUDE.md Content

### Tone

| Option | Description | Selected |
|--------|-------------|----------|
| Terse reference | Bullet points, no prose. Minimal, scannable. | |
| Friendly guide | Short prose paragraphs explaining the sandbox, restrictions, and tools. | ✓ |
| Minimal one-liner | Single paragraph, bare minimum. | |

**User's choice:** Friendly guide
**Notes:** User noted that users might inject certain secrets themselves (e.g., personal git SSH keys), so the CLAUDE.md shouldn't confuse Claude with absolute "no SSH keys" claims.

### Unavailable Section Phrasing

| Option | Description | Selected |
|--------|-------------|----------|
| Default-aware phrasing | "By default, these are not mounted: ..." -- accurate without contradicting customizations. | ✓ |
| Omit unavailable section | Don't list restrictions at all. | |
| Dynamic generation | Inspect mounts at launch and generate restrictions dynamically. | |

**User's choice:** Default-aware phrasing
**Notes:** None

### Git Section

| Option | Description | Selected |
|--------|-------------|----------|
| Yes, brief note | Mention git identity is pre-configured, suggest HTTPS for remotes. | ✓ |
| Skip it | Git just works, let Claude figure it out. | |

**User's choice:** Yes, brief note
**Notes:** None

---

## Generation Behavior

### Context Injection Mechanism

User redirected the discussion: instead of managing CLAUDE.md directly, use a separate SANDBOX.md file with Claude Code's `@path` import syntax. This avoids touching user content and eliminates tool-use token overhead.

**Final approach:** claudebox writes SANDBOX.md (managed, overwritten each launch) and ensures CLAUDE.md has `@SANDBOX.md` import at top line (checked/re-added each launch).

**User's insight:** "We don't need to write CLAUDE.md like that at all. We can just write a separate file and add a quick reference at the top."
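
One way to implement the first-line check from the final approach above, as an added example that is not claudebox's own code. The function name `ensure_sandbox_import`, its arguments, the symlink refusal and the removal of displaced import lines are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example: idempotent "first-line check" for the @SANDBOX.md import.
# ensure_sandbox_import and its DIR/CONTENT arguments are hypothetical names.

IMPORT_LINE='@SANDBOX.md'

# ensure_sandbox_import DIR CONTENT
# Overwrites DIR/SANDBOX.md and makes DIR/CLAUDE.md start with the import line.
ensure_sandbox_import() {
    local dir="$1" content="$2"
    local claude_md="$dir/CLAUDE.md" sandbox_md="$dir/SANDBOX.md"
    local first="" tmp cr
    cr=$(printf '\r')

    # Assumption of this example: refuse symlinks, so a managed write can
    # never be redirected to a file outside DIR.
    if [ -L "$claude_md" ] || [ -L "$sandbox_md" ]; then
        echo "refusing to write through a symlink in $dir" >&2
        return 1
    fi

    # SANDBOX.md is fully managed: overwrite it on every launch.
    printf '%s\n' "$content" > "$sandbox_md" || return 1

    # No user file yet: create one that holds only the import.
    if [ ! -e "$claude_md" ]; then
        printf '%s\n' "$IMPORT_LINE" > "$claude_md"
        return
    fi

    # Import already on line 1 (tolerating CRLF): leave user content untouched.
    IFS= read -r first < "$claude_md" || true
    first=${first%"$cr"}
    [ "$first" = "$IMPORT_LINE" ] && return 0

    # Re-add the import at the top. Exact copies further down are dropped so
    # repeated launches cannot accumulate duplicates. The new file is built
    # beside the original and renamed into place, so an interrupted launch
    # cannot truncate the user's CLAUDE.md.
    tmp=$(mktemp "$dir/.CLAUDE.md.XXXXXX") || return 1
    {
        printf '%s\n' "$IMPORT_LINE"
        grep -vxF -- "$IMPORT_LINE" "$claude_md" || true
    } > "$tmp" || { rm -f "$tmp"; return 1; }
    mv -f "$tmp" "$claude_md"
}
```

`mktemp` creates the replacement file with mode 0600, so restore the original mode after the rename if CLAUDE.md must stay readable by other accounts.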

---

## Template Storage

Folded into Generation behavior -- SANDBOX.md content lives as a heredoc in claudebox.sh. No separate template file needed since the two-file architecture resolved the storage question.

---

## Claude's Discretion

- Exact prose wording in SANDBOX.md
- Shell implementation of first-line check
- Comment markers around import line

## Deferred Ideas

None