Hacker News | mkagenius's comments

Holding off the update seems like a reasonable step till the patch comes. I also run a .local for apple containers, though not docker.

You could do that with, say, Claude Code too, with a much simpler setup.

OP's question was more around sandboxes though. To which, I would say that it's to limit unintended actions on the host machine.


I want to be proven wrong, but every use case someone presents for OpenClaw is just a worse version of Claude Code, at least, so far.

Literally made the same app, 2 weeks back - https://news.ycombinator.com/item?id=47171499

What front-end framework did you use? I find the UI so visually appealing

FWIW, while I find it appealing, I also strongly associate it with "vibe coded webapp of dubious quality," so personally I'm not gonna try to replicate it myself.

Thanks. I actually used Google AI Studio for this. Prompted with my color choices and let it do the rest, turned out pretty good.

A way to run claude code inside an apple container -

  $ container system start

  $ container run -d --name myubuntu ubuntu:latest sleep infinity

  $ container exec myubuntu bash -c "apt-get update -qq && apt-get install -y openssh-server"

  $ container exec myubuntu bash -c "
    apt-get install -y curl &&
    curl -fsSL https://deb.nodesource.com/setup_lts.x | bash - &&
    apt-get install -y nodejs
  "

  $ container exec myubuntu npm install -g @anthropic-ai/claude-code

  $ container exec myubuntu claude --version

Thanks, hadn't heard of this! In homebrew, too.

https://github.com/apple/container


Shuru should do exactly what you want:

https://shuru.run


Lume is also a nice wrapper around it

Apple containers were released a few months back. Been using it to sandbox claude/gemini-cli generated code[1].

You can use it to completely sandbox claude code too.

1. Coderunner - https://github.com/instavm/coderunner


That is also a Linux VM on MacOS. They're not MacOS containers. So it's completely pointless / useless for MacOS or iOS development.

Oh, yes. I thought GP was mostly worried about shared VM problem.

> Or have a `discover_skills` tool

Yes, treating the "front matter" of skill as "function definition" of tool calls as kind of an equivalence class.

This understanding helped me create an LLM agnostic (also sandboxed) open-skills[1] way before this standardization was proposed.

1. Open-skills: https://github.com/instavm/open-skills


> And with apple/container, it’s very easy to launch a semi-sandboxed Linux environment on macOS too.

I used apple containers and have put a jupyter server in it and exposed it as an API/MCP. The isolation it provides is superior to docker's.

Everything works locally.

Coderunner - https://github.com/instavm/coderunner


Did somewhat exactly that for apple container based sandbox - Coderunner[1]. You can use it to safely execute ai generated code via an MCP at http://coderunner.local:8222

A fun fact about apple containers[2], it's more isolated than docker containers as in it doesn't share the VM across all containers.

1. https://github.com/instavm/coderunner

2. https://github.com/apple/container


If you are on mac, you can use Coderunner[1]. It will run locally on your machine and execute any AI generated code in an apple container.

1. Coderunner - https://github.com/instavm/coderunner


Last I tried, it wasn't. In that vein you can use Qwen code too.

