I just built yoloAI https://github.com/kstenerud/yoloai

Gives me full sandboxing with bypass permissions, tmux, and cherry-pick level control over what gets pulled back out into my work dir.

Mix in tailscale and I can control it from anywhere, on any device, with full transferrability using established and battle proven tooling.