Why this instead of Anthropic's reference Claude Code development container?

https://docs.anthropic.com/en/docs/claude-code/devcontainer: "The container’s enhanced security measures (isolation and firewall rules) allow you to run claude --dangerously-skip-permissions to bypass permission prompts for unattended operation."

I also use the default one by Anthropic. It's a good start and simple enough to adjust for any needa.

I made a similar thing not long ago that lets you choose between docker, seatbelt (macOS's native sandboxing) and bubblewrap (on Linux).

I use it on macOS primarily, and have basically stopped using docker mode in favor of the native sandboxing because features like image pasting Just Work™.

http://github.com/nikvdp/cco

Claude condom is hilarious!

I couldn't resist the pun :)

This is the way Claude Code should Just Work™. Thanks for making and sharing. Hopefully someone from Anthropic sees this and incorporates it (and gives you credit and/or a job!)

Thanks glad you enjoyed it!

Super cool. I’m trying to think what the equivalent windows backend would be… perhaps AppContainer?

More safe, but not completely safe. Maybe that’s good enough?

That's really the future, isn't it. A workshop full of tools that we custom build for ourselves, and some loosely adopted standards, like jq.

how do we make a composable gui?

yeah i call mine secure-runner lmao

go binary