[interleave]

Super cool. Any indication if sandboxes can/will be part of the non-desktop docker tooling?

[interleave]

PS: Also, this is wild!

> What this does: apiKeyHelper tells Claude Code to run echo proxy-managed to get its API key. The sandbox’s network proxy intercepts outgoing API calls and swaps this sentinel value for your real Anthropic key, so the actual key never exists inside the sandbox.

[evnix]

This is similar to how I solved a BYOK(bring your own key) feature at work. We had a lot of hardcoded endpoints and structures on the client and code that was too difficult to move over a nice BYOK structure within the given timeframe. So we ended up making a proxy that basically injected customer keys as they passed through our servers. note that there are a lot security implications doing this.

[interleave]

Makes total sense and I would have never even considered injecting keys on the fly. Love it!

[domh]

This is similar to Deno Sandbox[1] which was announced a couple of weeks back. Apparently also something similar is done with fly.io's tokenizer[2][3]

[1]: https://deno.com/blog/introducing-deno-sandbox

[2]: https://news.ycombinator.com/item?id=46874959

[3]: https://github.com/superfly/tokenizer