> I'm guessing the next thing I should probably look into is some sort of machine vm I can tunnel my codex-gui requests to so I don't have to deal with the sandbox approvals (I don't want to give it "dangerous" access to my entire mac).
Sandboxing using Docker, Podman, containerd (linux only), seatbelt (macos only), tart (macos only), apple container (macos 26+ only).
It takes a copy of your workdir, does its thing inside of the sandbox, and you pull the results back using git semantics:
$ yoloai new mybugfix . -a # launch default sandbox in . and also attach the terminal
# Work with the agent...
$ yoloai diff mybugfix # See what it did
$ yoloai apply mybugfix # Bring out commits and/or uncommitted changes.
$ yoloai destroy mybugfix
This is what https://github.com/kstenerud/yoloai does.
Sandboxing using Docker, Podman, containerd (linux only), seatbelt (macos only), tart (macos only), apple container (macos 26+ only).
It takes a copy of your workdir, does its thing inside of the sandbox, and you pull the results back using git semantics: