Security & Permissions Intermediate

Sandboxed Execution

Run Claude under the OS-level filesystem sandbox and extend directory access via --add-dir

Command

$ claude -p "Analyze logs in /var/log/app" \
    --add-dir /var/log/app \
    --add-dir /etc/app-config \
    --output-format json

Response

{
  "result": "Log analysis complete. Found 23 errors in the last 24h...",
  "permission_denials": []
}

Parsing Code

// --add-dir extends the sandbox to additional directories
// Without it, accessing /var/log/app would be blocked:
// permission_denials: [{ tool_name: 'Read', tool_input: { file_path: '/var/log/app/error.log' } }]

Gotchas

! macOS uses Seatbelt (kernel-level enforcement), Linux uses bubblewrap
! --add-dir paths must be absolute — relative paths are rejected
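An added example (not part of the recipe or the Claude Code project) that builds the invocation above, rejects relative --add-dir paths before the CLI does, and triages the `permission_denials` array from the JSON response; the sample response is constructed to match the shape the recipe quotes, and the directory-containment check uses `os.path.commonpath` so that `/var/log/app2` is not mistaken for being under `/var/log/app`.

```python
from __future__ import annotations
import json
import os

# Constructed sample: what the JSON response looks like when --add-dir was omitted.
DENIED_RESPONSE = json.dumps({
    "result": "Log analysis incomplete: could not read application logs.",
    "permission_denials": [
        {"tool_name": "Read", "tool_input": {"file_path": "/var/log/app/error.log"}},
        {"tool_name": "Read", "tool_input": {"file_path": "/etc/app-config/app.yaml"}},
    ],
})


def build_command(prompt: str, extra_dirs: list[str]) -> list[str]:
    """Assemble `claude -p ... --add-dir ... --output-format json` (argv list, no shell)."""
    for d in extra_dirs:
        # Gotcha from the recipe: --add-dir only accepts absolute paths.
        if not os.path.isabs(d):
            raise ValueError(f"--add-dir requires an absolute path, got {d!r}")
    cmd = ["claude", "-p", prompt]
    for d in extra_dirs:
        cmd += ["--add-dir", d]
    cmd += ["--output-format", "json"]
    return cmd


def denied_paths(response_json: str) -> list[str]:
    """Return every file path the sandbox refused, in the order reported."""
    data = json.loads(response_json)
    paths = []
    for denial in data.get("permission_denials", []):
        path = denial.get("tool_input", {}).get("file_path")
        if path:
            paths.append(path)
    return paths


def _under(path: str, root: str) -> bool:
    """True if `path` is inside directory `root` (prefix-safe containment check)."""
    path, root = os.path.abspath(path), os.path.abspath(root)
    return os.path.commonpath([path, root]) == root


def outside_grant(response_json: str, granted_dirs: list[str]) -> list[str]:
    """Denied paths that fall outside every --add-dir grant: review these before widening access."""
    return [p for p in denied_paths(response_json)
            if not any(_under(p, g) for g in granted_dirs)]
```

A denial for a path that was never granted is the sandbox doing its job; a denial inside a granted directory points at a misconfigured or missing --add-dir.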
