Wrap local coding agents in deny-by-default least-privilege sandboxes with Greywall
Run Claude Code, Codex, Cursor, or similar local agent CLIs inside a host-local sandbox that learns required access and blocks everything else by default.
What it does
Wrap local coding agents in deny-by-default least-privilege sandboxes with Greywall
Run Claude Code, Codex, Cursor, or similar local agent CLIs inside a host-local sandbox that learns required access and blocks everything else by default.
Prerequisites
Greywall CLI, local shell access, a supported local coding agent such as Claude Code, Codex, Cursor, Aider, Gemini CLI, or OpenCode, Linux or macOS host
Installation
Use the upstream install or setup path that matches your environment:
- brew tap greyhavenhq/tap
- brew install greywall
- go install github.com/GreyhavenHQ/greywall/cmd/greywall@latest
- git clone https://github.com/GreyhavenHQ/greywall
Requirements and caveats from upstream:
- No containers required — kernel-enforced sandboxing without Docker overhead
- Greywall ships with built-in sandbox profiles for popular AI coding agents (Claude Code, Codex, Cursor, Aider, Goose, Gemini CLI, OpenCode, Amp, Cline, Copilot, Kilo, Auggie, Droid) and toolchains (Node, Python, Go, R...
Basic usage or getting-started notes:
-
greywall -- curl https://example.com
-
Homebrew (macOS):
-
bash
-
Extracted from upstream docs: https://raw.githubusercontent.com/GreyhavenHQ/greywall/HEAD/README.md
Documentation
Source
Capabilities
Install
Quality
deterministic score 0.45 from registry signals: · indexed on github topic:agent-skills · 8 github stars · SKILL.md body (1,510 chars)