codex-sandbox
Codex Sandbox Skill
LIBRARY-FIRST PROTOCOL (MANDATORY)
Before writing ANY code, you MUST check:
Step 1: Library Catalog
- Location:
.claude/library/catalog.json - If match >70%: REUSE or ADAPT
Step 2: Patterns Guide
- Location:
.claude/docs/inventories/LIBRARY-PATTERNS-GUIDE.md - If pattern exists: FOLLOW documented approach
Step 3: Existing Projects
- Location:
D:\Projects\* - If found: EXTRACT and adapt
Decision Matrix
| Match | Action |
|---|---|
| Library >90% | REUSE directly |
| Library 70-90% | ADAPT minimally |
| Pattern exists | FOLLOW pattern |
| In project | EXTRACT |
| No match | BUILD (add to library after) |
Purpose
Execute code in Codex's fully isolated sandbox environment for safe experimentation with untrusted or risky code.
Unique Capability
What Claude Can't Do: Claude runs in your environment. Codex sandbox provides:
- Network DISABLED: No external connections
- CWD only: Cannot access parent directories
- OS-level isolation: macOS Seatbelt or Docker
- Resource limits: CPU, memory constraints
- Safe experimentation: Can't break your system
When to Use
Perfect For:
- Running untrusted code safely
- Risky refactoring experiments
- Testing code with potential bugs
- Isolated prototyping
- Security research
- Experimental dependencies
Don't Use When:
- Need network access
- Need to access files outside project
- Production debugging
Usage
# Basic sandbox execution
/codex-sandbox "Refactor auth system and run tests"
# With iteration limit
/codex-sandbox "Fix all tests" --max-iterations 10
# Risky experiment
/codex-sandbox "Try experimental algorithm implementation"
CLI Command
codex --full-auto --sandbox true --network disabled "Your task"
# Via script
CODEX_MODE=sandbox bash scripts/multi-model/codex-yolo.sh "Task" "id" "." "10" "sandbox"
Isolation Layers
| Layer | Protection |
|---|---|
| Network | DISABLED - no external connections |
| Filesystem | CWD only - no parent access |
| OS-Level | Seatbelt (macOS) / Docker |
| Process | Subprocess jail with limits |
| Commands | Blocked: rm -rf, sudo, etc. |
Integration Pattern
// 1. Run risky refactoring in sandbox
const result = await codexSandbox("Refactor entire auth system");
// 2. If successful, apply to real codebase
if (result.tests_pass) {
Task("Coder", "Apply sandboxed changes to main", "coder");
}
Memory Integration
- Key:
multi-model/codex/sandbox/{session_id} - Contains: commands, files created/modified, test results
More from dnyoussef/context-cascade
reverse-engineering-deep-analysis
Advanced binary analysis with runtime execution and symbolic path exploration (RE Levels 3-4). Use when need runtime behavior, memory dumps, secret extraction, or input synthesis to reach specific program states. Completes in 3-7 hours with GDB+Angr.
52reverse-engineering-firmware-analysis
Firmware extraction and IoT security analysis (RE Level 5) for routers and embedded systems. Use when analyzing IoT firmware, extracting embedded filesystems (SquashFS/JFFS2/CramFS), finding hardcoded credentials, performing CVE scans, or auditing embedded system security. Handles encrypted firmware with known decryption schemes. Completes in 2-8 hours with binwalk+firmadyne+QEMU emulation.
23reasoningbank-adaptive-learning-with-agentdb
---
14reverse-engineering-quick-triage
Fast binary analysis with string reconnaissance and static disassembly\ \ (RE Levels 1-2). Use when triaging suspicious binaries, extracting IOCs quickly,\ \ or performing initial malware analysis. Completes in \u22642 hours with automated\ \ decision gates.
13web-scraping
Structured data extraction from web pages using claude-in-chrome MCP with sequential-thinking planning. Focus on READ operations, data transformation, and pagination handling for multi-page extraction.
10build-feature
Build feature command
7