A better way to limit Claude Code (and other coding agents!) access to Secrets
Bubblewrap, a Linux CLI tool which uses namespaces to sandbox a specific command (and its subprocesses):
Bubblewrap lets you run untrusted or semi-trusted code without risking your host system. We’re not trying to build a reproducible deployment artifact. We’re creating a jail where coding agents can work on your project while being unable to touch ~/.aws, your browser profiles, your ~/Photos library or anything else sensitive.
Very nice, I hadn't heard of this tool before. The rest of the blog post details how to use it to isolate Claude Code specifically.
Tags: claude llms sandboxing linux cli namespaces security infosec trust unix