docs(agents): add sandbox and temp file usage guidelines
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
mwiegand
parent
b04ed3ffa0
commit
5631169af2
1 changed files with 5 additions and 0 deletions
|
|
@ -14,6 +14,11 @@
|
||||||
project's `AGENTS.md` / `CLAUDE.md` specifies a different directory,
|
project's `AGENTS.md` / `CLAUDE.md` specifies a different directory,
|
||||||
that wins.
|
that wins.
|
||||||
|
|
||||||
|
## Sandbox
|
||||||
|
|
||||||
|
- **Always run commands sandboxed first.** Only use `dangerouslyDisableSandbox: true` as a last resort after a sandbox-related failure — never preemptively.
|
||||||
|
- **On sandbox failure:** analyze the error message for the blocked path, then suggest adding it to `sandbox.filesystem.allowWrite` in `~/.claude/settings.json`. Only fall back to `dangerouslyDisableSandbox: true` if the path can't be determined or the user prefers it.
|
||||||
|
|
||||||
## Temporary Files
|
## Temporary Files
|
||||||
|
|
||||||
- **Use `$TMPDIR` or `.tmp/` (project-local) for temporary files.** Never use `/tmp` directly or paths like `/Library/Application Support` — those are not in the sandbox allowlist and trigger permission prompts.
|
- **Use `$TMPDIR` or `.tmp/` (project-local) for temporary files.** Never use `/tmp` directly or paths like `/Library/Application Support` — those are not in the sandbox allowlist and trigger permission prompts.
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue