Skill

sandbox-configuration

Guides Claude Code sandbox configuration for filesystem/network isolation, OS enforcement (bubblewrap/Seatbelt), proxies, escape hatches, and troubleshooting via docs-management delegation.

Bash

Linux

security

developer-tools

npx claudepluginhub melodic-software/claude-code-plugins --plugin claude-ecosystem

Tool Access

This skill is limited to using the following tools:

ReadGlobGrepSkill

Preview

> **STOP - Before providing ANY response about Claude Code sandboxing:**

SKILL.md

Similar Skills

Sandboxing Skill

Implements process isolation and sandboxing for untrusted code using seccomp-BPF, namespaces, AppArmor/SELinux on Linux; AppContainer on Windows; sandbox-exec on macOS; Docker/K8s contexts.

3 files

martinholovsky-claude-skills-generator

sandbox-sdk

1.4k

Builds secure code execution sandboxes on Cloudflare Workers with Sandbox SDK. Handles commands, Python/JS/TS interpreters, files, ports; prefers Cloudflare docs retrieval.

2 files

cloudflare

Cloudflare Sandboxes SDK

Enables secure execution of untrusted Python/Node.js code, git operations, and scripts in persistent Linux containers on Cloudflare edge using Workers SDK.

16 files

cloudflare-sandbox

Stats

Parent Repo Stars40

Parent Repo Forks6

Last CommitJan 11, 2026

Actions

View Source View Plugin View on GitHub View README

Help us improve

Share bugs, ideas, or general feedback.

Sandbox Configuration Skill

MANDATORY: Invoke docs-management First

STOP - Before providing ANY response about Claude Code sandboxing:

INVOKE docs-management skill

QUERY for the user's specific topic

BASE all responses EXCLUSIVELY on official documentation loaded

Skipping this step results in outdated or incorrect information.

Verification Checkpoint

Before responding, verify:

Did I invoke docs-management skill?
Did official documentation load?
Is my response based EXCLUSIVELY on official docs?

If ANY checkbox is unchecked, STOP and invoke docs-management first.

Overview

Central authority for Claude Code sandboxing and isolation. This skill uses 100% delegation to docs-management - it contains NO duplicated official documentation.

Architecture: Pure delegation with keyword registry. All official documentation is accessed via docs-management skill queries.

When to Use This Skill

Keywords: sandboxing, sandbox, /sandbox, filesystem isolation, network isolation, bubblewrap, Seatbelt, dangerouslyDisableSandbox, allowUnsandboxedCommands, excludedCommands, httpProxyPort, socksProxyPort, domain restrictions, sandbox configuration, blocked access

Use this skill when:

Configuring sandbox settings
Understanding filesystem isolation
Setting up network isolation
Troubleshooting sandbox blocking commands
Understanding OS-level enforcement
Configuring escape hatches
Setting up proxy support

Keyword Registry for docs-management Queries

Use these keywords when querying docs-management skill for official documentation:

Sandbox Overview

Topic	Keywords
Overview	"sandboxing", "sandboxed bash tool", "/sandbox command"
Why Sandbox	"why sandboxing", "approval fatigue", "sandbox productivity"
OS Enforcement	"bubblewrap", "Seatbelt", "OS-level enforcement"

Filesystem Isolation

Topic	Keywords
Default Behavior	"filesystem isolation", "sandbox filesystem", "default writes"
Blocked Access	"blocked access", "sandbox blocked patterns"
Custom Paths	"custom allowed paths", "custom denied paths"
Protection	"critical file modification", "filesystem protection"

Network Isolation

Topic	Keywords
Domain Restrictions	"network isolation", "domain restrictions", "sandbox network"
Proxy Support	"httpProxyPort", "socksProxyPort", "custom proxy"
User Confirmation	"user confirmation domains", "new domain approval"

Configuration Options

Topic	Keywords
Settings	"sandbox configuration", "sandbox settings"
Escape Hatch	"dangerouslyDisableSandbox", "allowUnsandboxedCommands"
Excluded Commands	"excludedCommands", "sandbox exclusions"
Security Limitations	"sandbox security limitations", "domain fronting"

Quick Decision Tree

What do you want to do?

Enable/disable sandbox -> Query docs-management: "sandboxing", "/sandbox command"
Configure filesystem access -> Query docs-management: "filesystem isolation", "sandbox filesystem"
Configure network access -> Query docs-management: "network isolation", "domain restrictions"
Allow specific commands -> Query docs-management: "excludedCommands", "allowUnsandboxedCommands"
Set up proxy -> Query docs-management: "httpProxyPort", "socksProxyPort"
Understand limitations -> Query docs-management: "sandbox security limitations"

Topic Coverage

Sandbox System

Sandboxed bash tool overview
/sandbox slash command
Why sandboxing matters (approval fatigue, productivity, autonomy)
OS-level enforcement (bubblewrap on Linux, Seatbelt on macOS)
Open source sandbox runtime

Filesystem Isolation Topics

Default writes behavior
Default read behavior
Blocked access patterns
Custom allowed and denied paths
Protection against critical file modification

Network Isolation Topics

Domain restrictions
User confirmation for new domains
Custom proxy support
Comprehensive coverage for subprocesses
httpProxyPort and socksProxyPort settings

Configuration Options Topics

dangerouslyDisableSandbox escape hatch
allowUnsandboxedCommands configuration
excludedCommands list
Security limitations and considerations

Troubleshooting Quick Reference

Issue	Keywords for docs-management
Sandbox blocking commands	"excludedCommands", "allowUnsandboxedCommands"
Network requests blocked	"network isolation", "domain restrictions"
Filesystem access denied	"filesystem isolation", "blocked access"
Proxy not working	"httpProxyPort", "socksProxyPort"

Related Skills

permission-management - For allow/deny/ask rules
enterprise-security - For managed policies
settings-management - For general configuration

Version History

v1.0.0 (2025-11-30): Initial release (split from security-meta)
- Focused on sandboxing and isolation only
- Pure delegation architecture
- Comprehensive keyword registry

Last Updated

Date: 2025-11-30 Model: claude-opus-4-5-20251101