Codex has some OS-level sandboxing by default that confines its actions to the c... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		aniviacat 8 days ago \| parent \| context \| favorite \| on: OpenCode – Open source AI coding agent Codex has some OS-level sandboxing by default that confines its actions to the current workspace [1]. OpenCode has no sandboxing, as far as I know. That makes Codex a much better choice for security. [1] https://developers.openai.com/codex/concepts/sandboxing

		help

nezhar 7 days ago | [–]

I created VibePod, which allows you to sandbox the agents in containers and monitor their activities. It also supports OpenCode.

https://github.com/VibePod/vibepod-cli

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact