Agent Safehouse – macOS-native sandboxing for local agents

Posted by atombender 19 hours ago

Agent Safehouse – macOS-native sandboxing for local agents(agent-safehouse.dev)

681 points | 160 commentspage 5

sagarpatil 8 hours ago|

Looks good. I’ll give it a try.

boxedemp 12 hours ago||

Fantastic! I had been using dockers but this might be better!

gozucito 18 hours ago||

so this works the same as Claude Code /sandbox? The innovation being that it's harness-agnostic?

e1g 18 hours ago||

Roughly, yes, but more reliable (and restrictive), as Claude Code has ways to escape its sandbox. This gives more protection and guards across all CLI agnets (Amp, Pi, etc)

arianvanp 18 hours ago||

That and that the built in sandbox in Claude Code is bad (read only access to everything by default) and tightly coupled (cant modify it or swap it out).

dbmikus 17 hours ago||

I like that it's all bash.

How does this compare with Codex's and Claude's built-in sandboxing?

e1g 17 hours ago|

Claude: can escape its sandbox (there are GitHub issues about this) and, when sandboxed, still has full read access to everything on your machine (SSH keys, API keys, files, etc.)

Codex: IIRC, only shell commands are sandboxed; the actual agent runtime is not.

dbmikus 15 hours ago||

Cool, thanks for explaining!

treexs 13 hours ago||

wow it's interesting how noticeable sites built with claude maybe with the frotnend-design skill are now

e1g 13 hours ago|

IYKYK, it’s the new Bootstrap!

The alternative would be “no site”, which is still somehow worse.

vivid242 17 hours ago||

Nice! I‘d be interesting in the things that went wrong during development. Which loopholes were discovered last, if any?

ai_fry_ur_brain 10 hours ago||

Docker...

cjbarber 15 hours ago||

See also various sandbox tools I and others (e.g. jpeeler) have collected: https://news.ycombinator.com/item?id=47102258

nemo44x 16 hours ago||

Supervisor agent frameworks are going to be a big industry soon. You simply can’t have agents executing commands without a trusted supervisory layer examining and certifying actions.

All the issues we get from AI today (hallucinations, goal shift, context decay, etc) get amplified unbelievably fast once you begin scaling agents out due to cascading. The risk being you go to bed and when you wake up your entire infrastructure is gone lol.

bschmidt97979 1 hour ago|

[dead]

More comments...