Install: claude install-skill amarbel-llc/bob
# Sandcastle
## Overview
Sandcastle is a Nix-wrapped CLI around Anthropic's `sandbox-runtime` that uses bubblewrap (bwrap) to sandbox command execution with filesystem and network restrictions. It runs on Linux without requiring root privileges.
## CLI Interface
```
sandcastle [options] [command...]

Options:
  -d, --debug          Enable debug logging (prints bwrap command, config)
  --config <path>      Path to JSON config file (default: ~/.srt-settings.json)
  --shell <shell>      Shell to execute the command with
  --control-fd <fd>    Read config updates from file descriptor (JSON lines)
```
### Invocation Patterns
Pass commands as positional arguments. Each argument is automatically shell-quoted to preserve boundaries through bwrap's nested `bash -c` layers:
```bash
# Simple command
sandcastle echo hello
# Command with flags (no special handling needed)
sandcastle ls -la /tmp
# Complex command via --shell
sandcastle --shell bash echo hello world
# With config file
sandcastle --config /path/to/policy.json my-command --flag value
```
**Important**: Sandcastle cannot be nested. Running `sandcastle sandcastle ...` will fail with "Failed to create bridge sockets". When testing sandcastle itself, invoke bats directly without a sandcastle wrapper.
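Why the per-argument quoting described above matters, as an added illustration (not Sandcastle's or `sandbox-runtime`'s own code): the helper names are hypothetical, and plain `sh -c` stands in for bwrap's nested `bash -c` layers. Quoted arguments survive every layer as single words, while a naive space-join lets the shell split them and interpret metacharacters.

```shell
#!/bin/sh
# Illustration only: hypothetical helpers, not Sandcastle's implementation.

# quote_arg ARG: emit ARG as one single-quoted shell word (' becomes '\'').
quote_arg() {
    printf '%s\n' "$1" | sed "s/'/'\\\\''/g; 1s/^/'/; \$s/\$/'/"
}

# quote_args ARGS...: quote every argument and join with spaces.
quote_args() {
    joined=
    for arg in "$@"; do
        joined="$joined${joined:+ }$(quote_arg "$arg")"
    done
    printf '%s' "$joined"
}

# run_nested LAYERS ARGS...: pass ARGS through LAYERS nested `sh -c` layers,
# re-quoting the whole command string once for each extra layer.
run_nested() {
    layers=$1
    shift
    cmd=$(quote_args "$@")
    while [ "$layers" -gt 1 ]; do
        cmd="sh -c $(quote_arg "$cmd")"
        layers=$((layers - 1))
    done
    sh -c "$cmd"
}

# run_naive ARGS...: join with spaces and no quoting (the failure mode).
run_naive() {
    sh -c "$*"
}

# Constructed sample arguments: a space, a shell metacharacter, a quote.
run_nested 2 printf '%s,' 'a b' 'x; echo INJECTED' "it's"; echo
run_naive printf '%s,' 'a b' 'x; echo INJECTED'
```

In the naive run the `;` ends the `printf` command and `echo INJECTED` executes as a second command, which is the boundary loss that quoting each argument prevents.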
### Debug Mode
Enable `--debug` to see the constructed bwrap command, resolved config, and network restriction details. Useful for diagnosing permission denials or unexpected behavior.
## Configuration Format
The confi