| ▲ | nh2 2 hours ago | |
I find that a bit of a weird point. The goal of such sandboxing is that you can allow the agent to freely write/execute/test code during development, so that it can propose a solution/commit without the human having to approve every dangerous step ("write a Python file, then execute it" is already a dangerous step). As the post says: "To safely run a coding agent without review". You would then review the code, and use it if it's good. Turning many small reviews where you need to be around and babysit every step into a single review at the end. What you seem to be asking for (shipping the generated code to production without review) is a completely different goal and probably a bad idea. If there really were a tool that can "scan the generated code" so reliably that it is safe to ship without human review, then that could just be part of the tool that generates the code in the first place so that no code scanning would be necessary. Sandboxing wouldn't be necessary either then. So then sandboxing wouldn't be "half the picture"; it would be unnecessary entirely, and your statement simplifies to "if we could auto-generate perfect code, we wouldn't need any of this". | ||
| ▲ | giancarlostoro an hour ago | parent [-] | |
If that's the goal, why not just have Claude Code do it all from your phone at that point? Test it when its done locally you pull down the branch. Not 100% frictionless, but if it messes up an OS it would be anthropic's not yours. | ||