Feature request: Project-scoped sandbox mode

Resolved 💬 2 comments Opened Jan 18, 2026 by albertgeorglang Closed Jan 19, 2026

Problem

Currently, the permission system offers two extremes:

  1. Granular permissions - Every new bash command requires confirmation, which interrupts workflow
  2. --dangerously-skip-permissions - No restrictions at all, including outside the project directory

There's no middle ground for users who want autonomous operation within their project but protection against accidental changes outside of it.

Proposed Solution

A flag like --sandbox-to-project or --restrict-to-cwd that:

  • Allows all file operations (Read, Edit, Write) only within the project directory
  • Allows all bash commands but blocks those affecting paths outside the project
  • Technically enforces these restrictions (not just a prompt instruction)

Use Case

Users who want Claude to work autonomously on their project without worrying about unintended side effects on other parts of their system.

Current Workaround

Adding instructions to CLAUDE.md like "never access files outside the project folder" - but this is not technically enforced and relies on the model following instructions correctly (which isn't 100% reliable).

View original on GitHub ↗

This issue has 2 comments on GitHub. Read the full discussion on GitHub ↗