claudebox

History

Christopher Mühl 72dfde91a8 feat!: thin layer over Claude /sandbox + nftables CIDR block Drops bwrap orchestration, history overlay, forced --dangerously-skip-permissions, SANDBOX.md injection, env-file loading. claude --sandbox handles kernel isolation; claudebox manages settings.local.json sandbox.* keys and installs nftables rules matched on claude-sandbox.slice cgroup membership. New flake outputs: nixosModules.default + checks.wrapper-syntax. Docs updated to reflect the layered (not structural) FS guarantee. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-11 12:19:40 +02:00
..
default.nix	feat!: thin layer over Claude /sandbox + nftables CIDR block	2026-05-11 12:19:40 +02:00

feat!: thin layer over Claude /sandbox + nftables CIDR block

Drops bwrap orchestration, history overlay, forced
--dangerously-skip-permissions, SANDBOX.md injection, env-file
loading. claude --sandbox handles kernel isolation; claudebox
manages settings.local.json sandbox.* keys and installs nftables
rules matched on claude-sandbox.slice cgroup membership.

New flake outputs: nixosModules.default + checks.wrapper-syntax.
Docs updated to reflect the layered (not structural) FS guarantee.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-11 12:19:40 +02:00

default.nix

feat!: thin layer over Claude /sandbox + nftables CIDR block

2026-05-11 12:19:40 +02:00