I run vscode based agents in Linux, mostly Kilo Code After a bit of tinkering I ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		aussieguy1234 4 days ago \| parent \| context \| favorite \| on: Ask HN: How are you sandboxing coding agents? I run vscode based agents in Linux, mostly Kilo Code After a bit of tinkering I was able to get it to all run fine in Firejail, I wrote a guide here https://softwareengineeringstandard.com/2025/12/15/ai-agents... Fairly basic, limits the agents write access to my projects, all of which are backed up in git.

techsystems 4 days ago [–]

Thanks for the share, but I'm having a hard time understanding this.

On step 2, it's only jailing VS Code. Shouldn't it also jail the Git repo you're working on (and disable `git push` somehow), as well as all the env libs?

Also, isn't the point of this to auto approve everything?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact