.claude/skills/security-sandbox/SKILL.md
Secure command execution with allowlists and validation hooks. Use when validating bash commands, configuring security policies, implementing pre-tool-use hooks, or sandboxing autonomous agent operations.
Install this skill globally with one command (works with Claude Code, Cursor, and Windsurf):

```
npx skillsauth add adaptationio/skrillz security-sandbox
```
Provides defense-in-depth security for autonomous coding operations through command validation, allowlists, and execution hooks.
```python
from scripts.command_validator import validate_command

result = validate_command("npm install express")
if result.allowed:
    # Safe to execute
    pass
else:
    print(f"Blocked: {result.reason}")
```
```python
from scripts.security_manager import create_bash_security_hook

hook = create_bash_security_hook()

# Hook returns a decision for the Claude SDK (call it from an async context)
decision = await hook({
    "tool_input": {"command": "rm -rf /"}
})
# decision = {"decision": "block", "reason": "Command 'rm' requires approval"}
```
```python
from scripts.allowlist import Allowlist

allowlist = Allowlist()
allowlist.add("docker")
allowlist.add("kubectl")
allowlist.remove("rm")  # Disallow rm
```
```text
┌──────────────────────────────────────────────┐
│  DEFENSE IN DEPTH                            │
├──────────────────────────────────────────────┤
│                                              │
│  LAYER 1: SANDBOX                            │
│  ├─ OS-level isolation                       │
│  ├─ Filesystem restrictions                  │
│  └─ Network limitations                      │
│                                              │
│  LAYER 2: PERMISSIONS                        │
│  ├─ Tool allowlist (Read, Write, Bash...)    │
│  ├─ Path restrictions (./**)                 │
│  └─ Operation limits                         │
│                                              │
│  LAYER 3: COMMAND VALIDATION                 │
│  ├─ Command extraction & parsing             │
│  ├─ Allowlist checking                       │
│  └─ Dangerous pattern detection              │
│                                              │
│  LAYER 4: HOOKS                              │
│  ├─ PreToolUse validation                    │
│  ├─ Real-time blocking                       │
│  └─ Audit logging                            │
│                                              │
└──────────────────────────────────────────────┘
```
```python
ALLOWED_COMMANDS = {
    # File inspection
    "ls", "cat", "head", "tail", "wc", "grep", "find",
    # File operations
    "cp", "mkdir", "chmod", "touch",
    # Node.js
    "npm", "node", "npx", "yarn", "pnpm",
    # Python
    "python", "python3", "pip", "pip3", "poetry",
    # Version control
    "git",
    # Process management
    "ps", "lsof", "sleep", "pkill", "kill",
    # System info
    "pwd", "whoami", "uname", "which", "env",
    # Network (limited)
    "curl", "wget",
}
```
These patterns are always blocked:
| Pattern | Risk | Example |
|---------|------|---------|
| `rm -rf /` | System destruction | Wipes filesystem |
| `> /dev/sda` | Disk corruption | Overwrites disk |
| `chmod 777` | Security hole | World-writable |
| `curl \| bash` | Code injection | Remote execution |
| `:(){ :\|:& };:` | Fork bomb | DoS attack |
| `dd if=/dev/zero` | Disk fill | Resource exhaustion |
```python
# For Claude SDK integration
from scripts.security_manager import SecurityManager

manager = SecurityManager()

# Configure SDK with hooks
sdk_options = {
    "hooks": {
        "PreToolUse": [manager.pre_tool_hook]
    }
}
```
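Layer 3 and Layer 4 together, as an added illustration that is not the skill's own code: the raw command line is first screened against the blocked patterns from the table, then split into its simple commands so that every executable in a chain or pipeline must be on the allowlist, and the result is returned in the decision shape shown above. The allowlist here is a constructed subset of the page's set; `validate_command`, `decide` and `pre_tool_use_hook` are hypothetical names, and the `tool_input.command` input shape is assumed from the snippet above.

```python
import re
import shlex

# Constructed subset of the page's allowlist, then its "always blocked" patterns.
ALLOWED_COMMANDS = {"ls", "cat", "grep", "find", "npm", "node", "git", "python3", "curl"}
DANGEROUS_PATTERNS = [
    (re.compile(r"\brm\s+-\w*r\w*\s+/\*?(\s|$)"), "recursive delete of /"),
    (re.compile(r">\s*/dev/sd[a-z]"), "raw write to a block device"),
    (re.compile(r"\bchmod\s+(-R\s+)?777\b"), "world-writable permissions"),
    (re.compile(r"\b(curl|wget)\b.*\|\s*(ba|z)?sh\b"), "piping a download into a shell"),
    (re.compile(r":\(\)\s*\{\s*:\|:&\s*\};:"), "fork bomb"),
    (re.compile(r"\bdd\s+if=/dev/zero\b"), "disk fill via dd"),
    (re.compile(r"\$\(|`"), "command substitution"),  # added here; not in the table above
]

def split_commands(line: str) -> list[list[str]]:
    """Tokenise a shell line and split it at ; && || | & into simple commands."""
    lexer = shlex.shlex(line, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    commands, current = [], []
    for tok in lexer:
        if tok in {";", "&&", "||", "|", "&"}:
            commands, current = commands + ([current] if current else []), []
        else:
            current.append(tok)
    return commands + ([current] if current else [])

def validate_command(line: str) -> tuple[bool, str]:
    """Deny by default: returns (allowed, reason); raw-line patterns are checked first."""
    for pattern, risk in DANGEROUS_PATTERNS:
        if pattern.search(line):
            return False, f"dangerous pattern: {risk}"
    try:
        commands = split_commands(line)
    except ValueError as exc:  # unbalanced quotes: refuse rather than guess
        return False, f"unparseable command: {exc}"
    if not commands:
        return False, "empty command"
    for argv in commands:  # every simple command in a chain or pipeline must pass
        if "/" in argv[0]:  # ./npm or /tmp/git could be anything: fail closed
            return False, f"path-qualified executable '{argv[0]}'"
        if argv[0] not in ALLOWED_COMMANDS:
            return False, f"'{argv[0]}' is not on the allowlist"
    return True, ""

def decide(line: str) -> dict:  # same shape as the decision dict shown above
    allowed, reason = validate_command(line)
    return {} if allowed else {"decision": "block", "reason": reason}
async def pre_tool_use_hook(hook_input: dict) -> dict:  # input shape assumed from the page
    return decide(hook_input.get("tool_input", {}).get("command", ""))
```

Note that `ls && rm -r ./build` is refused because the second command fails the allowlist even though the first passes, and that a path-qualified executable such as `./npm` is refused outright rather than being matched by its basename.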
- references/ALLOWED-COMMANDS.md - Full allowlist documentation
- references/SECURITY-MODEL.md - Security architecture
- references/CUSTOM-RULES.md - Custom rule configuration
- scripts/security_manager.py - Core security manager
- scripts/command_validator.py - Command validation
- scripts/allowlist.py - Allowlist management
- scripts/sandbox_config.py - Sandbox configuration