| ▲ | falcor84 12 hours ago | |
As I see it, the only real solution is to put it into a container that has a firewall with a short whitelist. | ||
| ▲ | moss_dog 12 hours ago | parent [-] | |
I was looking into this earlier -- presumably you'd also need to allowlist Claude itself (whatever endpoints it hits to run inference etc). VM firewall gets a little trickier with Claude's web search tool, too. The solution I landed on recently was to locally modify the Chrome devtools MCP to launch the browser instance with strict network restrictions. I believe the implementation used `--host-resolver-rules`, blocking all URLs by default with an environment variable to control the allowlist (which, in hindsight, Claude can easily work around if it needs to -- I should probably just hard-code the allowlist). | ||