{"id":"3df149e5-0810-4d34-a809-dbd2ddd2ebe5","shortId":"KDbd7N","kind":"skill","title":"Run coding agents in a locked-down local sandbox with repo-only filesystem access and controlled egress using agent-sandbox","tagline":"Put Claude Code, Codex, Gemini, or other supported agent CLIs inside a persistent local sandbox instead of letting them operate directly on the host.","description":"# Run coding agents in a locked-down local sandbox with repo-only filesystem access and controlled egress using agent-sandbox\n\nPut Claude Code, Codex, Gemini, or other supported agent CLIs inside a persistent local sandbox instead of letting them operate directly on the host.\n\n## Prerequisites\n\nDocker-compatible runtime, VM layer such as Colima, terminal or supported devcontainer IDE\n\n## Installation\n\nUse the upstream install or setup path that matches your environment:\n- brew install colima docker docker-compose docker-buildx\n\nRequirements and caveats from upstream:\n- Target platform: [Colima](https://github.com/abiosoft/colima) + [Docker Engine](https://docs.docker.com/engine/) on Apple Silicon. Should work with any Docker-compatible runtime.\n- ### 1. Install prerequisites\n- You need a VM and Docker installed. This can be done in a variety of ways.\n\nBasic usage or getting-started notes:\n- Run AI coding agents in a locked-down local sandbox with:\n- **CLI (preferred)** - run the agent in a terminal session using agentbox exec.\n- [Colima](https://colima.run/)\n\n- Source: https://github.com/mattolson/agent-sandbox\n- Extracted from upstream docs: https://raw.githubusercontent.com/mattolson/agent-sandbox/HEAD/README.md\n\n## Documentation\n\n- https://github.com/mattolson/agent-sandbox#readme\n\n## Source\n\n- [Agent Skill Exchange](https://agentskillexchange.com/skills/run-coding-agents-in-a-locked-down-local-sandbox-with-repo-only-filesystem-access-and-controlled-egress-using-agent-sandbox/)","tags":["run","coding","agents","locked","down","local","sandbox","with","repo","only","filesystem","access"],"capabilities":["skill","source-agentskillexchange","skill-run-coding-agents-in-a-locked-down-local-sandbox-with-repo-only-filesystem-access-and-controlled-egress-using-agent-sandbox","topic-agent-skills","topic-ai-agents","topic-ai-tools","topic-awesome-list","topic-claude-code","topic-codex","topic-cursor","topic-llm","topic-mcp","topic-npx-skills","topic-openclaw","topic-skills-catalog"],"categories":["skills"],"synonyms":[],"warnings":[],"endpointUrl":"https://skills.sh/agentskillexchange/skills/run-coding-agents-in-a-locked-down-local-sandbox-with-repo-only-filesystem-access-and-controlled-egress-using-agent-sandbox","protocol":"skill","transport":"skills-sh","auth":{"type":"none","details":{"cli":"npx skills add agentskillexchange/skills","source_repo":"https://github.com/agentskillexchange/skills","install_from":"skills.sh"}},"qualityScore":"0.454","qualityRationale":"deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,505 chars)","verified":false,"liveness":"unknown","lastLivenessCheck":null,"agentReviews":{"count":0,"score_avg":null,"cost_usd_avg":null,"success_rate":null,"latency_p50_ms":null,"narrative_summary":null,"summary_updated_at":null},"enrichmentModel":"deterministic:skill-github:v1","enrichmentVersion":1,"enrichedAt":"2026-05-18T19:12:11.204Z","embedding":null,"createdAt":"2026-05-18T13:18:58.180Z","updatedAt":"2026-05-18T19:12:11.204Z","lastSeenAt":"2026-05-18T19:12:11.204Z","tsv":"'/)':212 '/abiosoft/colima)':142 '/engine/)':147 '/mattolson/agent-sandbox':216 '/mattolson/agent-sandbox#readme':227 '/mattolson/agent-sandbox/head/readme.md':223 '/skills/run-coding-agents-in-a-locked-down-local-sandbox-with-repo-only-filesystem-access-and-controlled-egress-using-agent-sandbox/)':234 '1':159 'access':16,63 'agent':3,22,32,50,69,79,188,201,229 'agent-sandbox':21,68 'agentbox':207 'agentskillexchange.com':233 'agentskillexchange.com/skills/run-coding-agents-in-a-locked-down-local-sandbox-with-repo-only-filesystem-access-and-controlled-egress-using-agent-sandbox/)':232 'ai':186 'appl':149 'basic':178 'brew':122 'buildx':131 'caveat':134 'claud':25,72 'cli':197 'clis':33,80 'code':2,26,49,73,187 'codex':27,74 'colima':104,124,139,209 'colima.run':211 'colima.run/)':210 'compat':98,157 'compos':128 'control':18,65 'devcontain':108 'direct':44,91 'doc':220 'docker':97,125,127,130,143,156,167 'docker-buildx':129 'docker-compat':96,155 'docker-compos':126 'docs.docker.com':146 'docs.docker.com/engine/)':145 'document':224 'done':172 'egress':19,66 'engin':144 'environ':121 'exchang':231 'exec':208 'extract':217 'filesystem':15,62 'gemini':28,75 'get':182 'getting-start':181 'github.com':141,215,226 'github.com/abiosoft/colima)':140 'github.com/mattolson/agent-sandbox':214 'github.com/mattolson/agent-sandbox#readme':225 'host':47,94 'ide':109 'insid':34,81 'instal':110,114,123,160,168 'instead':39,86 'layer':101 'let':41,88 'local':9,37,56,84,194 'lock':7,54,192 'locked-down':6,53,191 'match':119 'need':163 'note':184 'oper':43,90 'path':117 'persist':36,83 'platform':138 'prefer':198 'prerequisit':95,161 'put':24,71 'raw.githubusercontent.com':222 'raw.githubusercontent.com/mattolson/agent-sandbox/head/readme.md':221 'repo':13,60 'repo-on':12,59 'requir':132 'run':1,48,185,199 'runtim':99,158 'sandbox':10,23,38,57,70,85,195 'session':205 'setup':116 'silicon':150 'skill':230 'skill-run-coding-agents-in-a-locked-down-local-sandbox-with-repo-only-filesystem-access-and-controlled-egress-using-agent-sandbox' 'sourc':213,228 'source-agentskillexchange' 'start':183 'support':31,78,107 'target':137 'termin':105,204 'topic-agent-skills' 'topic-ai-agents' 'topic-ai-tools' 'topic-awesome-list' 'topic-claude-code' 'topic-codex' 'topic-cursor' 'topic-llm' 'topic-mcp' 'topic-npx-skills' 'topic-openclaw' 'topic-skills-catalog' 'upstream':113,136,219 'usag':179 'use':20,67,111,206 'varieti':175 'vm':100,165 'way':177 'work':152","prices":[{"id":"7b84a56a-cd3e-460e-a550-48ef329cede0","listingId":"3df149e5-0810-4d34-a809-dbd2ddd2ebe5","amountUsd":"0","unit":"free","nativeCurrency":null,"nativeAmount":null,"chain":null,"payTo":null,"paymentMethod":"skill-free","isPrimary":true,"details":{"org":"agentskillexchange","category":"skills","install_from":"skills.sh"},"createdAt":"2026-05-18T13:18:58.180Z"}],"sources":[{"listingId":"3df149e5-0810-4d34-a809-dbd2ddd2ebe5","source":"github","sourceId":"agentskillexchange/skills/run-coding-agents-in-a-locked-down-local-sandbox-with-repo-only-filesystem-access-and-controlled-egress-using-agent-sandbox","sourceUrl":"https://github.com/agentskillexchange/skills/tree/main/skills/run-coding-agents-in-a-locked-down-local-sandbox-with-repo-only-filesystem-access-and-controlled-egress-using-agent-sandbox","isPrimary":false,"firstSeenAt":"2026-05-18T13:18:58.180Z","lastSeenAt":"2026-05-18T19:12:11.204Z"}],"details":{"listingId":"3df149e5-0810-4d34-a809-dbd2ddd2ebe5","quickStartSnippet":null,"exampleRequest":null,"exampleResponse":null,"schema":null,"openapiUrl":null,"agentsTxtUrl":null,"citations":[],"useCases":[],"bestFor":[],"notFor":[],"kindDetails":{"org":"agentskillexchange","slug":"run-coding-agents-in-a-locked-down-local-sandbox-with-repo-only-filesystem-access-and-controlled-egress-using-agent-sandbox","github":{"repo":"agentskillexchange/skills","stars":8,"topics":["agent-skills","ai-agents","ai-tools","awesome-list","claude-code","codex","cursor","llm","mcp","npx-skills","openclaw","skills-catalog"],"license":"mit","html_url":"https://github.com/agentskillexchange/skills","pushed_at":"2026-05-18T19:02:17Z","description":"The open catalog of AI agent skills — 2,000+ security-scanned skills for Claude Code, Cursor, Codex, and more.","skill_md_sha":"d22838be00b6cf60e402ed02f1468f767dbe28ff","skill_md_path":"skills/run-coding-agents-in-a-locked-down-local-sandbox-with-repo-only-filesystem-access-and-controlled-egress-using-agent-sandbox/SKILL.md","default_branch":"main","skill_tree_url":"https://github.com/agentskillexchange/skills/tree/main/skills/run-coding-agents-in-a-locked-down-local-sandbox-with-repo-only-filesystem-access-and-controlled-egress-using-agent-sandbox"},"layout":"multi","source":"github","category":"skills","frontmatter":{"name":"Run coding agents in a locked-down local sandbox with repo-only filesystem access and controlled egress using agent-sandbox","description":"Put Claude Code, Codex, Gemini, or other supported agent CLIs inside a persistent local sandbox instead of letting them operate directly on the host."},"skills_sh_url":"https://skills.sh/agentskillexchange/skills/run-coding-agents-in-a-locked-down-local-sandbox-with-repo-only-filesystem-access-and-controlled-egress-using-agent-sandbox"},"updatedAt":"2026-05-18T19:12:11.204Z"}}