| ▲ | dnw 12 hours ago | |
I have seen Claude disable its sandbox. Here is the most recent example from a couple of weeks ago while debugging Rust: "The panic is due to sandbox restrictions, not code errors. Let me try again with the sandbox disabled:" I have since added a sandbox around my ~/dev/ folder using sandbox-exec in macOS. It is a pain to configure properly but at least I know where sandbox is controlled. | ||
| ▲ | resfirestar 11 hours ago | parent [-] | |
That refers to the sandbox "escape hatch" [1], running a command without a sandbox is a separate approval so you get another prompt even if that command has been pre-approved. Their system prompt [2] is too vague about what kinds of failures the sandbox can cause, in my experience the agent always jumps straight to disabling the sandbox if a command fails. Probably best to disable the escape hatch and deal with failures manually. [1] https://code.claude.com/docs/en/sandboxing#configure-sandbox... [2] https://github.com/Piebald-AI/claude-code-system-prompts/blo... | ||