ClaudeCage

<div id="header" align="center"> <img src="icon.svg" width="250px" /> <h1>ClaudeCage</h1> <p> <strong>English</strong> | <a href="README_zh.md">简体中文</a> </p> </div>

Run the SOTA AI coding agent in a portable, secure sandbox.

Claude Code is a state-of-the-art AI coding assistant. Unfortunately, its CLI is distributed as closed-source and obfuscated javascript. You don't know what it's doing. Is it reading your SSH keys? Is it indexing your photos? Is it planning some Skynet world domination from your ~/Downloads folder?

Probably not... but why risk it?

ClaudeCage solves this by packaging the Claude Code CLI into a fully isolated, single-file container. It cannot access any part of your system except for the single project directory you are currently working in.

Breaking change: the build output is now named claude (plus claude.rcfg), so it can act as a drop-in replacement for the original claude CLI (but sandboxed).

Features

• Secure Sandbox: Powered by Linux namespaces, the claude process is heavily restricted and cannot access your home directory, network information, or other processes.
• Single-File Portability: The entire environment—the claude binary, the bun runtime, and all dependencies—is packed into a single executable file. Download it, make it executable, and run it.