sandbox-vibe 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +79 -0
  2. package/package.json +4 -3
package/README.md ADDED
@@ -0,0 +1,79 @@
1
+ # sandbox-vibe
2
+
3
+ [![npm version](https://img.shields.io/npm/v/sandbox-vibe.svg)](https://www.npmjs.com/package/sandbox-vibe)
4
+ [![License: MIT](https://img.shields.io/badge/license-MIT-blue.svg)](https://github.com/navegar-sistemas/sandbox-vibe/blob/main/LICENSE)
5
+
6
+ > Plug-and-play Docker sandbox for AI-assisted vibe coding — Claude Code running isolated, with idempotent plugin/MCP bootstrap and security limits enforced by default.
7
+
8
+ When you let an AI agent edit your code, three things must hold at the same time:
9
+
10
+ 1. The agent **cannot** delete `~/`, leak credentials, or run `rm -rf` on the host.
11
+ 2. The agent **can** read and write only on the projects you authorize.
12
+ 3. You **don't waste time** reconfiguring plugins, MCPs, and language servers every time you spin up a new container.
13
+
14
+ `sandbox-vibe` delivers all three through a four-file Docker template, distributed as this CLI.
15
+
16
+ ---
17
+
18
+ ## Quickstart
19
+
20
+ From inside the project you want to sandbox:
21
+
22
+ ```bash
23
+ npx sandbox-vibe init # interactive wizard
24
+ npx sandbox-vibe up # build + run the Claude REPL
25
+ ```
26
+
27
+ The wizard asks for the workspace path, optional sibling mounts, your stack (PHP / .NET / Python / Go / Rust LSP support), plugins, MCP servers, and resource limits. It writes the four sandbox files plus a `config.json` to `.sandbox-vibe/` in your project root and updates `.gitignore` for you.
28
+
29
+ The first `up` runs the bootstrap (installs marketplaces, plugins, MCPs, language servers) and drops into the Claude REPL. Every subsequent `up` skips the bootstrap and opens the REPL in milliseconds.
30
+
31
+ When you change the plugin or MCP list, just re-run `up` — the CLI detects the change automatically and re-bootstraps once.
32
+
33
+ ---
34
+
35
+ ## What you get
36
+
37
+ - **Kernel-enforced isolation** — non-root user, `cap_drop: ALL`, `no-new-privileges`, `pids: 256`, ephemeral `tmpfs /tmp`. The agent cannot reach your host filesystem, your SSH keys, or your other projects.
38
+ - **Per-project Claude home volume** — sessions, marketplace tokens, and installed plugins stay scoped to the project that created them. No cross-project credential leakage.
39
+ - **Idempotent bootstrap** — plugins, MCPs, and language servers install once on the first run and are skipped from then on. Changing the configuration retriggers a fresh bootstrap automatically.
40
+ - **Egress works, host LAN does not** — `network_mode: bridge` lets MCPs reach the public internet but blocks access to your router, NAS, or other LAN devices.
41
+
42
+ ---
43
+
44
+ ## Requirements
45
+
46
+ - Node.js 20 or newer (for the CLI itself).
47
+ - Docker Desktop or Docker Engine with Compose v2 (for the sandbox container).
48
+
49
+ ---
50
+
51
+ ## Commands
52
+
53
+ | Command | What it does |
54
+ | --- | --- |
55
+ | `sandbox-vibe init` | Interactive wizard that writes `.sandbox-vibe/` with the four sandbox files and a `config.json`. |
56
+ | `sandbox-vibe init --non-interactive` | Same, but uses defaults (suitable for CI). |
57
+ | `sandbox-vibe init --force` | Overwrite an existing `.sandbox-vibe/` without confirmation. |
58
+ | `sandbox-vibe up` | Build the sandbox images and drop into the Claude REPL. |
59
+ | `sandbox-vibe bump-marker` | Force a re-bootstrap on the next `up` (useful if you edited the entrypoint by hand). |
60
+
61
+ ---
62
+
63
+ ## Documentation
64
+
65
+ Full documentation lives in the GitHub repository:
66
+
67
+ - [**Architecture**](https://github.com/navegar-sistemas/sandbox-vibe/blob/main/docs/architecture.md) — base / override split, bootstrap phases, security defaults, threat model.
68
+ - [**Manual setup**](https://github.com/navegar-sistemas/sandbox-vibe/blob/main/docs/manual-setup.md) — clone and edit the template by hand, without the CLI.
69
+ - [**Customization**](https://github.com/navegar-sistemas/sandbox-vibe/blob/main/docs/customization.md) — add a language server, add an MCP server, change CPU / memory / PID limits.
70
+ - [**Troubleshooting**](https://github.com/navegar-sistemas/sandbox-vibe/blob/main/docs/troubleshooting.md) — common error messages and root causes.
71
+ - [**Security**](https://github.com/navegar-sistemas/sandbox-vibe/blob/main/SECURITY.md) — vulnerability disclosure, threat model boundary.
72
+ - [**Contributing**](https://github.com/navegar-sistemas/sandbox-vibe/blob/main/CONTRIBUTING.md) — PR flow, commit rules, local setup.
73
+ - [**Changelog**](https://github.com/navegar-sistemas/sandbox-vibe/blob/main/CHANGELOG.md) — version history.
74
+
75
+ ---
76
+
77
+ ## License
78
+
79
+ MIT — see [LICENSE](https://github.com/navegar-sistemas/sandbox-vibe/blob/main/LICENSE).
package/package.json CHANGED
@@ -1,13 +1,14 @@
1
1
  {
2
2
  "name": "sandbox-vibe",
3
- "version": "0.1.0",
3
+ "version": "0.1.1",
4
4
  "description": "Plug-and-play Docker sandbox for Claude Code with idempotent plugin and MCP bootstrap and security limits enforced by default",
5
5
  "type": "module",
6
6
  "bin": {
7
7
  "sandbox-vibe": "dist/cli.mjs"
8
8
  },
9
9
  "files": [
10
- "dist"
10
+ "dist",
11
+ "README.md"
11
12
  ],
12
13
  "engines": {
13
14
  "node": ">=20.0.0"
@@ -31,7 +32,7 @@
31
32
  "repository": {
32
33
  "type": "git",
33
34
  "url": "git+https://github.com/navegar-sistemas/sandbox-vibe.git",
34
- "directory": "cli"
35
+ "directory": "package"
35
36
  },
36
37
  "homepage": "https://github.com/navegar-sistemas/sandbox-vibe#readme",
37
38
  "bugs": {