I got pi to write me a very basic sandbox based on an example from the pi github. Added hooks for read/write/edit/bash, some prompts to temp/perm override. Have a look, copy-paste what you like.

https://github.com/carderne/pi-sandbox

I’ve been tinkering with Gondolin, a micro-vm agent sandbox.

Here’s an example config: https://github.com/earendil-works/gondolin/blob/main/host/ex...

I run mine inside https://github.com/rcarmo/agentbox (with https://github.com/rcarmo/webterm)

Yeah I wrote a small landlock wrapper using go-landlock to sandbox pi that works well (not public, similar projects are landrun and nono).

Note that if you sandbox to literally just the working directly, pi itself wont run since pretty much every linux application needs to be able to read from /usr and /etc

I do this with an extension. I run all bash tools with bwrap and ACLs for the write and edit tools. Serves my purposes. Opens up access to other required directories, at least for git and rust.

I think I published it. Check the pi package page.

[dead]