Secure macOS sandbox wrapper for Claude Code
Run Claude Code with confidence. claudebox provides automatic package manager detection, comprehensive file system protection, and configurable security policies.
$ ./claudebox
✓ Package managers detected
✓ Sandbox profile generated
✓ Claude Code running securely
Powerful Security Features
🔍
Auto Package Detection
Automatically detects and configures access for Homebrew, npm, nvm, fnm, nodenv, and Nix package managers.
- Homebrew (ARM & Intel)
- Node Version Managers
- Nix Store Access
🛡️
Comprehensive Protection
Blocks access to sensitive directories while allowing necessary system resources and development tools.
- Protects ~/Documents, ~/Desktop
- Blocks ~/.ssh, ~/.aws access
- Allows IDE configurations
⚡
Performance Optimized
Intelligent caching and parallel detection ensure minimal overhead while maintaining security.
- 1-hour path caching
- Parallel package detection
- Minimal startup time
🔧
Developer Friendly
Rich debugging options, dry-run mode, and comprehensive configuration support.
- Verbose logging mode
- Profile validation
- Custom configuration
Quick Installation
Direct Usage
System Installation
Usage Examples
Basic Usage
Debug Mode
Profile Management
Advanced Configuration
Security Model
✅ Allowed Access
- Project directory: Full read/write access
- System binaries: /usr, /bin, /sbin, /System
- Package managers: Detected paths
- Claude config: ~/.claude, ~/.claude.json
- IDE configs: .vscode, .cursor, .vim (read-only)
- Networking: Full network access
- Temp directories: /tmp and system temp
❌ Blocked Access
- Personal directories: ~/Documents, ~/Desktop
- Media folders: ~/Pictures, ~/Movies
- Sensitive configs: ~/.ssh, ~/.aws, ~/.gnupg
- Kubernetes: ~/.kube
- System modifications: Protected system files
- Downloads: ~/Downloads directory
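One way to check these two lists from a shell started inside the sandbox (an added example, not claudebox's own code). The path lists are copied from the lists above; the function names and the reading of "blocked" as "listing the directory is denied" are assumptions.

```shell
#!/bin/sh
# Probe the effective file-system policy from inside a sandboxed shell.
# Usage: sh probe.sh audit
# Assumption: a "blocked" directory is one whose listing is denied.
BLOCKED="Documents Desktop Pictures Movies Downloads .ssh .aws .gnupg .kube"
ALLOWED="/usr /bin /sbin /System /tmp"

# observe PATH -> prints "readable", "absent" or "denied".
# The error text is inspected because a denied stat() also makes `test -e` false,
# so a denied path and a missing path would otherwise look the same.
observe() {
    if err=$(LC_ALL=C ls -a -- "$1" 2>&1 >/dev/null); then
        echo readable
    else
        case "$err" in
            *"No such file or directory"*) echo absent ;;
            *) echo denied ;;
        esac
    fi
}

# check EXPECT PATH -> 0 when the observation matches EXPECT (allow|deny),
# 0 when the path does not exist on this machine, 1 on a mismatch.
check() {
    got=$(observe "$2")
    case "$1:$got" in
        allow:readable|deny:denied) echo "ok    $1 $2 ($got)" ;;
        *:absent)                   echo "skip  $1 $2 (absent)" ;;
        *)                          echo "FAIL  $1 $2 ($got)"; return 1 ;;
    esac
}

# audit -> walks both lists plus the project directory; non-zero on any mismatch.
audit() {
    fails=0
    for d in $BLOCKED; do check deny "$HOME/$d" || fails=$((fails + 1)); done
    for p in $ALLOWED; do check allow "$p" || fails=$((fails + 1)); done
    check allow "$PWD" || fails=$((fails + 1))
    echo "$fails mismatch(es)"
    [ "$fails" -eq 0 ]
}

if [ "${1:-}" = "audit" ]; then audit; exit $?; fi
```

Run it outside the sandbox first as a baseline: a directory that macOS privacy controls already deny to your terminal reports `denied` either way and does not confirm the profile.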
Ready to Secure Your Development?
Get started with claudebox today and run Claude Code with confidence.