
cageを使い、Claude Codeをサンドボックス経由で実行する設定

うお~うお~

Warashi/cage 各OS標準のサンドボックス実行ツールを抽象化してくれるラッパー

# Install cage through mise and open its preset file for editing.
# The order matters: the Go toolchain and the experimental setting are put in
# place before the go: backend is asked to build cage.
mise use -g go
# Enabled here ahead of the go: install below
# (presumably the go: backend requires it in this mise version; confirm).
mise settings -g experimental=true
# NOTE(review): @latest resolves to whatever is newest at install time. cage is
# the sandbox boundary for everything below, so consider pinning a version you
# have reviewed (e.g. @<reviewed-version>) and upgrading deliberately.
mise use -g go:github.com/Warashi/cage@latest
# macOS-style config location; the quotes are needed because of the space in
# "Application Support".
mkdir -p "$HOME/Library/Application Support/cage/"
# Paste the YAML that follows into this file.
vim "$HOME/Library/Application Support/cage/presets.yml"
# Named permission sets for cage. Each preset lists paths under `allow`, plus
# optional allow-git / allow-keychain switches.
# NOTE(review): `allow` is understood to grant *write* access, with reads left
# unrestricted by cage; confirm against the cage documentation. If so, this
# file bounds what a sandboxed process can modify, not what it can read, and
# secrets on disk remain readable.
presets:
  # ---- common presets ----
  # git: working directory and SSH directory, with git and keychain access.
  git:
    allow:
      # "." is presumably resolved against the directory cage is started from,
      # so the writable area depends on where the command is launched.
      - "."
      # NOTE(review): this covers the whole SSH directory (authorized_keys,
      # config, key files), not only host-key records. If recording host keys
      # is the only need, consider narrowing to "$HOME/.ssh/known_hosts" and
      # verify that git over SSH still works afterwards.
      - "$HOME/.ssh"
    allow-git: true
    # NOTE(review): credentials held in the Keychain become reachable from
    # inside the sandbox; enable only for commands that need them.
    allow-keychain: true  # macOS only
  # tmp: per-user and system temporary directories.
  tmp:
    allow:
      - "$HOME/tmp"
      # /tmp is shared with other local processes.
      - "/tmp"
  # cache: user cache directories (XDG-style and macOS).
  cache:
    allow:
      - "$HOME/.cache"
      - "$HOME/Library/Caches"
  # stdout: device nodes a process may need to open for writing.
  stdout:
    allow:
      - "/dev/stdout"
      - "/dev/stderr"
      - "/dev/null"
      # macOS device; presumably opened during process startup (confirm).
      - "/dev/dtracehelper"

  # ---- command-specific presets ----
  # npm: project directory plus npm's cache and user-level configuration.
  npm:
    allow:
      - "."
      - "$HOME/.npm"
      - "$HOME/.cache/npm"
      # NOTE(review): the user-level npm config typically holds the registry
      # setting and may hold auth tokens. Keeping it writable lets a sandboxed
      # command change where later installs come from; drop this entry unless
      # the command really has to edit it.
      - "$HOME/.npmrc"
  # cargo: project directory plus the Rust toolchain and build-cache dirs.
  cargo:
    allow:
      - "."
      # NOTE(review): these toolchain directories normally contain installed
      # executables as well as caches, so write access here extends to
      # binaries that are run later outside the sandbox.
      - "$HOME/.cargo"
      - "$HOME/.rustup"
      - "$HOME/.cache/sccache"
  # cc: state, config and lock files that Claude Code writes under $HOME.
  cc: # claude code
    allow:
      - "."
      - "$HOME/.claude"
      - "$HOME/.config/claude"
      - "$HOME/.claude.json"
      - "$HOME/.claude.json.backup"
      - "$HOME/.claude.json.lock"
      - "$HOME/.claude.lock"
    allow-keychain: true # session data is reportedly stored via the Keychain

# Presets applied automatically according to the command being launched; the
# single rule here is keyed on the command name `claude`.
# NOTE(review): the effective permissions are presumably the union of every
# preset listed. Through `git` that union includes "$HOME/.ssh" and keychain
# access, and through `npm` it includes "$HOME/.npmrc". Review the combined
# set rather than each preset alone, and drop presets the agent does not need.
# NOTE(review): several presets allow ".", so starting `claude` from $HOME (or
# any broad directory) would make that whole tree writable; launch it from the
# project directory.
auto-presets:
  - command: claude
    presets:
      - cc
      - npm # for MCP server using npx
      - git
      - tmp
      - cache
      - stdout