With the rise of things like AI agents wanting to run commands on my computer, I wanted a way to let them do that but in a safe environment. `sandbox` is a tool that utilizes built in Linux features like namespaces and OverlayFS to create essentially a container that looks and feels pretty much identical to my host machine, but any changes made are done in a staging area that I can later accept or reject changes from. There's also a crude network on/off toggle so if I'm running something I don't trust not to send data off to malicious actor, I can sandbox it without network access.

While my own use case primarily revolves around letting AI agents run amok in their own sandboxes, it's meant to be general purpose and I could see it being useful for some development tasks like testing file migrations or other file management tasks where you want to snapshot and discard frequently. Another use case I'll be using it for is to vet installing things from whatever trendy shell based installer that expects you to curl pipe a shell script into sudo bash, and in general running things I don't fully trust not to inadvertently mess something up on my computer.

This is the initial public release. I've been using it internally for a couple of months now and I think I have most of the serious issues squashed, but I'm sure there are some issues and many improvements to be made, feedback and bug reports are appreciated.