DEV Community

Cover image for Sanboxed Claude Code
Santiago Botto
Santiago Botto

Posted on

Sanboxed Claude Code

#docker #ai

In case anyone cares about it, you can run Claude inside a container if you want to make sure to only give it the context of the codebase on which you're currently working, not your whole OS.

This isn't news, nothing that I'll post here is gonna be blowing anyone's mind, I simply want to share my take on specific topics.

  1. Create your own sandbox image. Dockerfile shown here for reference, but can be whatever suits you as long as it has npm for installing Claude:

        FROM node:24-alpine

# Create a non-root user to run the code
RUN adduser -D claude

# Install Node.js, npm, and bash (as root)
RUN apk update && \
    apk add bash nodejs npm && \
    rm -rf /var/cache/apk/*

# Install claude-code globally (as root)
RUN npm install -g @anthropic-ai/claude-code

# Set the working directory
WORKDIR /workspace

# Give the non-root user ownership of the workspace directory
RUN chown -R claude:claude /workspace

# Switch to the non-root user
USER claude

# Set bash as the default shell
ENV SHELL=/bin/bash

# Add custom aliases for the claude user
RUN echo "alias ll='ls -lah'" > ~/.profile && \
    echo "source ~/.profile" > ~/.bashrc

# Default command to run when the container starts
CMD ["/bin/bash"]

  2. Run an ephemeral container that has access to your current workdir + shared global settings for Claude:

    docker run -it --rm -v $(pwd):/workspace -v ~/.claude:/home/claude/.claude claude-sandbox

    Here, /workspace matches what you defined as WORKDIR in the Dockerfile.

  3. (Optional) Create an alias by adding this to your .bashrc or .zshrc:

    alias claude-sandbox='docker run -it --rm -v $(pwd):/workspace -v ~/.claude:/home/claude/.claude claude-sandbox'

That's it. You're not gonna have to worry about AI going rogue and messing up your whole system just because you got too deep into "vibe coding" and told Claude to do anything it wanted as long as your weekend project ended up working fine.

PS: Claude Code requires either getting a paid subscription through Claude's dedicated dashboard, or purchasing credits via Anthropic's dashboard. I didn't wanna spend 20 bucks for the monthly subscription so I decided to add money into my Anthropic's account as I tested and ended up spending $15 in 30 minutes. Don't be like me, just pay $20 upfront for the monthly subscription if you wanna try it out. Worst-case scenario, you don't like it but can still get a lot more value out of those 20 dollars.

Top comments (0)