How does the sandbox prevent dangerous commands?

It uses a multi-layered approach involving OS-level isolation, a strictly defined command allowlist, and regex-based pattern matching to block destructive shell commands like 'rm -rf /' before they execute.

Can I customize which commands are allowed?

Yes, you can configure the allowlist in the security-config.json file or programmatically add custom allowed commands to suit your specific project requirements.

What happens if a command is blocked?

When a command is blocked, the security hook prevents execution and returns a 'block' decision with a reason, which is then recorded in the security-audit.jsonl file for review.

Does this skill support network isolation?

Yes, the sandbox configuration includes settings for restricted network access, allowing you to permit only specific trusted domains like localhost or the Anthropic API while blocking others.

AC Security Sandbox

Name: AC Security Sandbox
Author: adaptationio

byadaptationio

0•

Security & Testing

Protects autonomous coding environments by enforcing command allowlists, filesystem permissions, and execution sandboxing.

AC Security Sandbox provides a robust defense-in-depth architecture designed specifically for AI agents and autonomous coding workflows. It implements three layers of protection—OS-level isolation, granular filesystem access control, and a customizable command allowlist—to ensure that generated code or shell commands are executed safely without compromising the host system. By integrating pre-tool-use hooks to intercept dangerous patterns and maintaining a detailed audit log of all security decisions, this skill allows developers to deploy AI-driven automation with confidence and oversight.

Key Features

01Customizable command allowlist with pre-approved patterns for dev tools like npm, git, and python

02Real-time command validation hooks that intercept and block dangerous shell patterns

03Comprehensive audit logging for tracking and reviewing all security-related execution events

04Granular filesystem permissions to prevent unauthorized access to sensitive system paths

050 GitHub stars

06Multi-layer security including OS-level isolation and restricted network access

Use Cases

01Preventing accidental system damage or data leakage during automated code execution

02Securing autonomous AI agents performing file modifications or terminal commands

03Enforcing project-specific security boundaries in collaborative or automated environments

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add adaptationio/skrillz ac-security-sandbox

For use in Claude.ai and ChatGPT

Download Skill