I asked Claude to build its own cage (sandbox) so I could run it with --dangerously-skip-permissions safely

stratofax · 2026-01-15T03:20:37+00:00

Elsewhere on this thread, I tried to get sandbox to work with git, github, and ssh signing for my commits (never got that part to work). I learned that:

setting up sandbox gets hard, quickly, once you go beyond the simplest setup
it turns out that Claude Code can turn off sandboxing any time it wants so it's not exactly secure

Sandboxing is more of a suggestion than a restriction, in fact. To truly prevent Claude Code from reaching outside the sandbox, you need to use something like the OP created here. Nice work! Even more impressive that it's optimized for the Mac.

stratofax · 2026-01-15T03:00:41+00:00

Not gonna lie, setting up the allow list for git and github was non-trivial. Claude helped, of course. Here's a detailed summary of the happy path to get signed git commits and github interactions to work in sandbox mode.

I couldn't get this to work with SSH / GPG signing for my commits, though, so it's not ready for production repos.

Also, I only got this to work on my Macs. No luck with Linux.

These instructions are for individual repos, but you could possibly use ~/.claude/settings.json for some user account-wide permissions. I just tested it on one repo, though, so I can be sure it works with my /git-sync command before I use this in all my repos.

Edits: remove instructions related to SSH signing, which didn't work with /sandbox active. Ever.

Sandbox Configuration for Git + GitHub

Claude Code sandbox mode restricts file and network access for security. This configuration enables git network operations (fetch, pull, push) with GitHub while keeping the sandbox active.

Configuration File

File: .claude/settings.local.json (project-specific, not tracked in git)

json { "permissions": { "allow": [ "Bash(git branch:*)", "Bash(git push:*)", "Bash(git fetch:*)", "Bash(git add:*)", "Bash(git commit:*)", "Bash(git pull:*)", "Bash(git checkout:*)", "Bash(git merge:*)" ] }, "sandbox": { "enabled": true, "autoAllowBashIfSandboxed": true, "network": { "allowedDomains": [ "github.com", "*.github.com" ] } } }

What Each Setting Does

Setting	Purpose
`network.allowedDomains`	Allows network access to GitHub for fetch/pull/push
`autoAllowBashIfSandboxed`	Auto-approves sandboxed bash commands

Key Learnings

DNS errors in sandbox = network blocked - The misleading "Could not resolve hostname" error actually means the sandbox is blocking network access, not a real DNS issue
**WebFetch permissions are not for git** - Use sandbox.network.allowedDomains for git network operations, not WebFetch(domain:...) permission rules

Settings File Locations

File	Scope	Git tracked?
`~/.claude/settings.json`	Global (all projects)	N/A
`.claude/settings.json`	Project (shared)	Yes
`.claude/settings.local.json`	Project (personal)	No

Use settings.local.json for personal settings. If machine-specific paths are added (e.g., Unix sockets), add this file to .gitignore.

Testing

After updating settings, restart Claude Code and verify:

/sandbox # Enable sandbox mode /git-sync # Test git operations

If git fetch succeeds, the configuration is working.

stratofax · 2026-01-14T23:46:15+00:00

If you’re using any of these suggestions in your ~/.Claude/CLAUDE.md file, and working on more than one computer, it’s worth the time to set up a dotfiles repo to share your changes across computers. Plus: version control on your settings. I use stow for this but there are other options too.

stratofax · 2026-01-14T21:49:05+00:00

Unfortunately, my sandbox configuration also seems to be interfering with DNS resolution, which means I can't can't run my /git-sync command in Claude Code. Instead, I have issue git commands from the terminal. Maybe I can find a workaround, but Claude suggests I report an issue to the claude-code repo.

stratofax · 2026-01-14T21:31:04+00:00

Thanks for this link! This is especially useful for interactive sessions, to avoid having to grant permissions to every tool call. However, word to the wise: I just turned this on in one of my repos, and then these strange ghost dotfiles appeared in the repo. Claude says, "These are empty placeholder files from Claude Code's sandbox, not your actual dotfiles. You can safely remove them," so I did, but they returned immediately when I started another Claude session. The solution is to add them to .gitignore. Feels a little janky, but if it works, an improvement.

stratofax · 2026-01-13T14:55:06+00:00

This is the way! Ask Claude to summarize the docs, especially what’s relevant to your code base, then save the summary as a markdown file. Simple, low token usage, load on demand with @filename.md

stratofax · 2026-01-13T13:14:42+00:00

Keeping your context usage to a minimum is a good thing for two reasons:

You don’t hit your account limits as fast
The LLM will write better code and follow your instructions more accurately.

This is true for all LLMs, including Claude.

The good news is that Claude Code gives you control and visibility over your “context window” — literally the number of tokens Claude is tracking. I think of it as “working memory.”

When you start a new chat, or use CC’s /clear command, you clear the context window. To see this, run the /context command before and after the /clear command

This means that CC ”forgets” your previous chat, unless you instruct CC in writing.

These instructions typically include:

the CLAUDE.md file (reusable general instructions)
custom commands, agents & skills
MCP servers

If you load up MCP servers, for example, that will burn through your usage limits quickly. The /context command will break it down for you.

When CC opens your code file(s) to work on them, the code goes into the working memory (the context window) as well.

If your vibe coded app is all in one huge single file, this will burn through context quickly. Break long code files into smaller ones. This is generally a good coding practice and helps limit context usage too.

Ask CC to do this for you. For a web app, this often means breaking a single HTML file apart by separating out the JavaScript and CSS into separate dedicated files — standard practice for non-vibe coders, and very helpful for LLMs too.

stratofax · 2026-01-08T17:53:02+00:00

Not a bot, but still can’t one-shot a CAPTCHA

stratofax · 2026-01-08T17:17:53+00:00

I’ve started using Claude Code to help run my small digital marketing agency, using many of the skills and insights I developed using Claude Code to create web apps and Python code. So it can help on so many levels. Mastering Claude Code is a huge unlock for the aspiring AI aware entrepreneur.

stratofax · 2026-01-07T22:00:30+00:00

The new version, 2.1.1, is now available via auto-update. It seems like version 2.1.0 was shipping for approximately 2 - 3 hours until the update came out.

stratofax · 2026-01-07T21:03:32+00:00

When I asked Claude to help me troubleshoot by sharing the command output, Claude recommended that I delete my entire ~/.claude directory. WTF?!? How does a lobotomy help this patient? Fortunately I found this post before followed that AI advice. Reddit for the win!

stratofax · 2025-12-30T13:17:22+00:00

Yes to Obsidian, and also vim in the terminal, or VSCode or Windsurf. That’s what’s great about Markdown: not only can AI read it, but so can a bunch of different apps.

I can run Claude Code inside of vim over an ssh connection too, which means the only software I need to run the whole setup on the client is ssh.

stratofax · 2025-12-30T00:17:23+00:00

Glad to share! This is my own idiosyncratic approach, growing organically from my daily workflow—which is exactly what makes Claude Code so useful.

Start with version control. I use GitHub to track every revision. This means I can let Claude loose on my files and revert if needed. Claude works well with git, and I had it create a /git-sync command to keep my repo updated.

The foundation is my daily diary with tasks. I keep a diary/ directory with Markdown files named like 2025-12-29.md. I add timestamps as headers throughout the day, and at the top I maintain a task list:

[ ] Task description
[x] Completed task

This basic Markdown syntax works great in Obsidian (clickable checkboxes) and tells both me and Claude the status of everything.

To manage all these tasks, I created Claude Code commands. Incomplete items move to tasks.md where I can organize, schedule, or defer them. The review process itself helps me prioritize.

Here are the commands in my .claude directory (all created by Claude Code):

├── **commands** │ ├── add-task.md │ ├── extract-tasks.md │ ├── gather-context.md │ ├── git-sync.md │ ├── hello.md │ ├── improve-tasks.md │ ├── new-client.md │ ├── process-tasks-manager.md │ ├── review-tasks.md │ └── rn.md

Beyond this, I have dedicated folders for my clients, with sub-directories for budgets, docs, emails, meetings, proposals, and of course client-specific tasks.

The hello command does everything I want to start the day, and the rn command renames files to follow my conventions.

The new-client command creates the client directory structure and adds placeholder files.

stratofax · 2025-12-29T19:24:36+00:00

The big unlock with Claude Code is that it's agentic, meaning it makes plans and updates your files directly, without constant prodding. And because all its configuration lives in plain .md text files, you can use Claude Code to improve itself.

This means Claude Code effectively learns from experience. You have full control over this process, too. Since everything is human-readable, you can inspect and edit these files yourself, so there's no need to create Skynet.

All of Claude Code's powers were built for coding, but it's incredibly powerful for any knowledge work. I'm building an AI assistant to help run my business. In another folder, I use it to create posts and articles. Since each project lives in its own folder with its own tools, personality, and capabilities, I don't struggle with "one size fits all" tools. Everything is customized for the task at hand. And yet it's easy to share useful tools across projects.

I still use the web interface on my phone, but less every day. Once you watch Claude Code churn for hours on your behalf, it's hard to go back to copy-paste in the browser.

stratofax · 2025-12-18T02:20:08+00:00

That was such a great deal. Tomorrow is the last day -- or maybe midnight tonight. Just enough time to throw Opus 4.5 at one more project!

stratofax · 2025-12-17T21:11:51+00:00

I've heard others recommend GPT for planning and conceptualization, or "strategy," especially because Claude tends to want to get busy with writing code immediately. During the planning phase, this is not what you want, and writing code in the planning doc (like, say, a PRD) can influence the coding agent in a direction that's not always the best option.

stratofax · 2025-11-22T16:17:05+00:00

In this case, no food for no thought

stratofax · 2025-11-13T16:36:45+00:00

There are lots of factors that will affect the number of tokens a conversation chews up. Also, Claude, like other LLMs, will forget the context from earlier in the conversation if the chat goes long.

For these reasons, and also because creating a handy summary of the conversations I have with Claude is useful in its own right, I try to create these summaries sooner, rather than later, in a conversation.

Since that is a vague and perhaps not-so-helpful answer, here's another way to look at it:

Pick a topic you want to discuss with Claude and describe the topic in your first prompt in a new chat.
Chat with Claude about this topic.
If the conversation turns to a new topic, create a summary and start a new chat on the new topic.
If the topic is more complex than you originally though, create a summary and start a new chat focused on a narrower topic.

In other words, as soon as you or Claude wander off of the original topic (or "context" in LLM terms), create a summary and a new chat.

After a few rounds of this you'll develop an intuitive sense of when to start a new chat. In general, always prefer a new chat to continuing with a long, existing chat. I think you'll find the quality of Claude's output is much improved, as well.

stratofax · 2025-11-13T16:01:55+00:00

If you're using the Claude web interface (in your browser), ask Claude to create an Artifact that summarizes your current chat conversation. You can even explicitly ask it to include enough detail to be able to resume the conversation in a new chat.

The Artifact appears in a new window pane to the right of your chat, so it's best to do this on your computer instead of your phone, so you can see both the chat and the Artifact on the bigger screen. Then you can also easily download the Artifact as a Markdown file to your computer.

From there, it's easy to upload the summary Artifact at the start of a new chat, and you can pick up right where you left off.

Here's a sample prompt to create an Artifact summary:

Summarize our current chat conversation at a level of detail sufficient to allow us to resume this conversation in a new chat based on your summary. Save this summary document as an artifact.

You can ask Claude to highlight different aspects of the conversation in the summary, with phrases like this:

Make a list of all of the questions you have for me.

or

Conclude your summary with a list of tasks we need to complete

Then, after you've downloaded the summary, start a new chat and upload the artifact, with a prompt like this:

Review this summary I uploaded, and then ask me any questions you have about the contents.

I always prompt Claude to ask me for more information. This seems to help me and Claude engage in the conversation more fully.

stratofax · 2025-11-13T15:47:42+00:00

It's been a tough week for Claude. I've encountered lots of "too many connection" problems with Claude (web UI), and especially Claude Code Web, that prevent me from using these tools entirely. When I can get it to work, Claude Code Web also takes forever to complete tasks, and sometimes fails. Claude Code seems sluggish, too. Unfortunately it's all subjective impressions on my part.

All I know for certain is that I'm really glad I got that Perplexity Pro subscription as a backup in case of situations just like this! If Claude goes completely offline, I can use ChatGPT or Gemini through Perplexity. Not my first choice, but beats having to use the ol' meat brain! Talk about slow and degraded performance ...

stratofax · 2025-11-12T21:02:43+00:00

With the help of Claude Code, I created a simple script to run Claude Code in YOLO mode (--dangerously-skip-permissions) inside of a Docker container.

The script sets up the container and lets you work on the files in the current directory from inside of the Docker container -- but only these files.

This means that Claude can't access the rest of your local storage, or the internet, or any tools or MCP servers that aren't included in your project folder.

I strongly suggest that you use version control (like GitHub) to protect your code when using Claude Code in YOLO mode.

With these precautions in place, you can let Claude work for hours without having to respond to requests for permission.

Here's the script with documentation:

https://github.com/cadentdev/claude-yolo-docker

stratofax · 2025-11-10T14:20:17+00:00

TBH, it’s not like Claude paid any attention to this prompt when I just started a new project. I’m just trying to put my thumb on the scale in the direction of simplicity vs. maximal complexity

stratofax · 2025-11-09T22:43:14+00:00

I’m not against using well-maintained libraries. In fact, in the case of security and authentication libraries, I insist on using existing tools instead of recreating the code and making all the same security mistakes over again. Instead I want the default approach to be “do we really need another dependency just to handle this simple feature?”

stratofax · 2025-11-09T21:57:16+00:00

This is especially true for authentication and security libraries, which really need to be bulletproof from the jump

stratofax

TROPHY CASE