Central authority for Claude Code sandboxing and isolation. Covers sandboxed bash tool, /sandbox command, filesystem isolation (blocked access, custom paths), network isolation (domain restrictions, proxy support), OS-level enforcement (bubblewrap on Linux, Seatbelt on macOS), sandbox configuration options, escape hatches (dangerouslyDisableSandbox, allowUnsandboxedCommands), and sandbox security limitations. Assists with configuring sandbox settings, understanding isolation mechanisms, and troubleshooting sandbox issues. Delegates 100% to docs-management skill for official documentation.
Provides sandbox configuration guidance for filesystem/network isolation, OS-level enforcement, and security settings. Triggers on keywords like "sandboxing", "domain restrictions", or "bubblewrap" to query official docs for setup, troubleshooting, and escape hatch configuration.
/plugin marketplace add melodic-software/claude-code-plugins/plugin install claude-code-observability@melodic-softwareThis skill is limited to using the following tools:
STOP - Before providing ANY response about Claude Code sandboxing:
- INVOKE
docs-managementskill- QUERY for the user's specific topic
- BASE all responses EXCLUSIVELY on official documentation loaded
Skipping this step results in outdated or incorrect information.
Before responding, verify:
If ANY checkbox is unchecked, STOP and invoke docs-management first.
Central authority for Claude Code sandboxing and isolation. This skill uses 100% delegation to docs-management - it contains NO duplicated official documentation.
Architecture: Pure delegation with keyword registry. All official documentation is accessed via docs-management skill queries.
Keywords: sandboxing, sandbox, /sandbox, filesystem isolation, network isolation, bubblewrap, Seatbelt, dangerouslyDisableSandbox, allowUnsandboxedCommands, excludedCommands, httpProxyPort, socksProxyPort, domain restrictions, sandbox configuration, blocked access
Use this skill when:
Use these keywords when querying docs-management skill for official documentation:
| Topic | Keywords |
|---|---|
| Overview | "sandboxing", "sandboxed bash tool", "/sandbox command" |
| Why Sandbox | "why sandboxing", "approval fatigue", "sandbox productivity" |
| OS Enforcement | "bubblewrap", "Seatbelt", "OS-level enforcement" |
| Topic | Keywords |
|---|---|
| Default Behavior | "filesystem isolation", "sandbox filesystem", "default writes" |
| Blocked Access | "blocked access", "sandbox blocked patterns" |
| Custom Paths | "custom allowed paths", "custom denied paths" |
| Protection | "critical file modification", "filesystem protection" |
| Topic | Keywords |
|---|---|
| Domain Restrictions | "network isolation", "domain restrictions", "sandbox network" |
| Proxy Support | "httpProxyPort", "socksProxyPort", "custom proxy" |
| User Confirmation | "user confirmation domains", "new domain approval" |
| Topic | Keywords |
|---|---|
| Settings | "sandbox configuration", "sandbox settings" |
| Escape Hatch | "dangerouslyDisableSandbox", "allowUnsandboxedCommands" |
| Excluded Commands | "excludedCommands", "sandbox exclusions" |
| Security Limitations | "sandbox security limitations", "domain fronting" |
What do you want to do?
| Issue | Keywords for docs-management |
|---|---|
| Sandbox blocking commands | "excludedCommands", "allowUnsandboxedCommands" |
| Network requests blocked | "network isolation", "domain restrictions" |
| Filesystem access denied | "filesystem isolation", "blocked access" |
| Proxy not working | "httpProxyPort", "socksProxyPort" |
Date: 2025-11-30 Model: claude-opus-4-5-20251101
This skill should be used when the user asks to "create a slash command", "add a command", "write a custom command", "define command arguments", "use command frontmatter", "organize commands", "create command with file references", "interactive command", "use AskUserQuestion in command", or needs guidance on slash command structure, YAML frontmatter fields, dynamic arguments, bash execution in commands, user interaction patterns, or command development best practices for Claude Code.
This skill should be used when the user asks to "create an agent", "add an agent", "write a subagent", "agent frontmatter", "when to use description", "agent examples", "agent tools", "agent colors", "autonomous agent", or needs guidance on agent structure, system prompts, triggering conditions, or agent development best practices for Claude Code plugins.
This skill should be used when the user asks to "create a hook", "add a PreToolUse/PostToolUse/Stop hook", "validate tool use", "implement prompt-based hooks", "use ${CLAUDE_PLUGIN_ROOT}", "set up event-driven automation", "block dangerous commands", or mentions hook events (PreToolUse, PostToolUse, Stop, SubagentStop, SessionStart, SessionEnd, UserPromptSubmit, PreCompact, Notification). Provides comprehensive guidance for creating and implementing Claude Code plugin hooks with focus on advanced prompt-based hooks API.