works completely locally with a decent model: https://github.com/jakejimenez/sentinelsearch

Make a proof of concept, honestly worked fairly well: https://github.com/jakejimenez/sentinelsearch

Very cool stuff, gave me the inspiration to try it locally. Works fairly well I think: https://github.com/jakejimenez/sentinelsearch

more or less works similarly, made a proof of concept for it: https://github.com/jakejimenez/sentinelsearch

Very cool, thanks. Will check it out.

This idea of harness engineering, is being thrown around more and more often nowadays. I believe I'm using things at that level but still needing to review so as to understand the architecture. Flaky tests are still a massive issue.

Looks cool, I'll give it a shot. Is this any different from /sandbox command?

Yeah, the underlying sandbox technology between Ash and CC is fundamentally different.

Ash is built on the Endpoint Security and Network Extension APIs. Together, they cover the full gamut of potential sandbox escapes, and it's a simple process to update sandbox rules while the sandboxed process is running.

Claude Code sandbox is built mainly on sandbox-exec, an older macOS sandbox technology. It works for filesystem and IO device control, but it can only filter network requests by IP address. CC uses an application-level network proxy as a workaround, but not every network client respects the HTTP_PROXY env variable it requires. There are other workarounds in CC sandbox for complex use cases (e.g. dangerouslyDisableSandbox) that Ash does not need.

Yep, just tried to post and I'm not able. Unfortunate. :/