Sandbox Security Configuration SOP

metadata:
  skill_name: when-configuring-sandbox-security-use-sandbox-configurator
  version: 1.0.0
  category: specialized-tools
  difficulty: intermediate
  estimated_duration: 20-40 minutes
  trigger_patterns:
    - "configure sandbox security"
    - "sandbox isolation"
    - "file system boundaries"
    - "sandbox permissions"
    - "secure sandbox"
  dependencies:
    - Claude Code sandbox environment
    - Admin/root access (if applicable)
  agents:
    - security-manager (security architect)
    - cicd-engineer (infrastructure specialist)
  success_criteria:
    - Security policies defined
    - File boundaries configured
    - Network isolation set
    - Policies tested and verified
    - Documentation complete

Overview

Configure Claude Code sandbox security with file system and network isolation boundaries. Ensures safe code execution with proper access controls and resource limits.

Prerequisites

Required:

• Claude Code environment
• Understanding of security requirements

Optional:

• Existing security policies
• Compliance requirements (SOC2, HIPAA, etc.)

Verification:

# Check Claude Code version
claude --version

# Verify sandbox availability
echo "Sandbox check"

Agent Responsibilities

security-manager (Security Architect)

Role: Design security policies, define boundaries, validate configurations

Expertise:

• Security architecture
• Access control systems
• Compliance requirements
• Threat modeling

Output: Security policies, boundary definitions, validation tests

cicd-engineer (Infrastructure Specialist)

Role: Implement security configurations, manage resources, deploy policies

Expertise:

• Infrastructure management
• System configuration
• Deployment automation
• Monitoring setup

Output: Configuration files, deployment scripts, monitoring tools

Phase 1: Assess Security Requirements

Objective: Identify security needs, compliance requirements, and threat models

Evidence-Based Validation:

• Requirements documented
• Threat model created
• Compliance needs identified
• Risk assessment complete

security-manager Actions:

# Pre-task coordination
npx claude-flow@alpha hooks pre-task --description "Assess sandbox security requirements"

# Create security directory structure
mkdir -p sandbox-security/{policies,config,tests,docs}

# Document security requirements
cat > sandbox-security/docs/REQUIREMENTS.md << 'EOF'
# Sandbox Security Requirements

## Objectives
- Prevent unauthorized file access
- Isolate network communications
- Enforce resource limits
- Audit all operations
- Comply with security standards

## Threat Model

### Threats
1. **File System Escape**: Unauthorized access to host files
2. **Network Intrusion**: Malicious network connections
3. **Resource Exhaustion**: DoS through resource abuse
4. **Data Exfiltration**: Unauthorized data transfer
5. **Privilege Escalation**: Gaining unauthorized permissions

### Mitigations
1. File system boundaries and whitelisting
2. Network isolation and domain restrictions
3. CPU/memory/disk quotas
4. Audit logging and monitoring
5. Least privilege principles

## Compliance Requirements
- SOC 2 Type II (if applicable)
- GDPR data protection
- Internal security policies
- Industry standards (OWASP, NIST)

## Access Control
- Read-only for system files
- Read-write for workspace only
- No access to sensitive directories (/etc, /root, /sys)
- Temp directory with size limits
EOF

# Post-edit hook
npx claude-flow@alpha hooks post-edit --file "sandbox-security/docs/REQUIREMENTS.md" --memory-key "sandbox/requirements"

# Create threat assessment
cat > sandbox-security/docs/THREAT-ASSESSMENT.md << 'EOF'
# Threat Assessment

## Risk Matrix

| Threat | Likelihood | Impact | Risk Level | Mitigation Priority |
|--------|-----------|--------|------------|-------------------|
| File Escape | Medium | Critical | High | P0 |
| Network Intrusion | Low | High | Medium | P1 |
| Resource Exhaustion | High | Medium | Medium | P1 |
| Data Exfiltration | Low | Critical | High | P0 |
| Privilege Escalation | Low | Critical | High | P0 |

## Recommended Controls

### Critical (P0)
1. File system boundaries with strict whitelisting
2. Network isolation with trusted domain list
3. Mandatory audit logging

### High (P1)
4. Resource quotas and limits
5. Real-time monitoring and alerts
6. Regular security audits

### Medium (P2)
7. Automated security testing
8. Incident response procedures
9. Security awareness training
EOF

# Post-edit hook
npx claude-flow@alpha hooks post-edit --file "sandbox-security/docs/THREAT-ASSESSMENT.md" --memory-key "sandbox/threat-assessment"

# Store requirements in memory
npx claude-flow@alpha memory store \
  --key "sandbox/phase1-complete" \
  --value "{\"status\": \"complete\", \"threats_identified\": 5, \"controls_defined\": 9, \"timestamp\": \"$(date -Iseconds)\"}"

Success Criteria:

• Requirements documented
• Threat model created
• Risk matrix defined
• Controls prioritized

Phase 2: Configure File Isolation

Objective: Set file system boundaries, define access rules, implement restrictions

Evidence-Based Validation:

• Boundaries configured
• Whitelist/blacklist defined
• Access rules tested
• Unauthorized access blocked

security-manager Actions:

# Define file system policy
cat > sandbox-security/policies/file-system-policy.json << 'EOF'
{
  "file_system": {
    "mode": "whitelist",
    "workspace": {
      "path": "/workspace",
      "permissions": "read-write",
      "size_limit_gb": 10
    },
    "allowed_paths": [
      "/workspace/**",
      "/tmp/sandbox/**",
      "/usr/local/bin",
      "/usr/bin",
      "/bin"
    ],
    "denied_paths": [
      "/etc/**",
      "/root/**",
      "/sys/**",
      "/proc/**",
      "/dev/**",
      "/home/**",
      "~/.ssh/**",
      "~/.aws/**",
      "~/.config/**"
    ],
    "temp_directory": {
      "path": "/tmp/sandbox",
      "size_limit_mb": 1000,
      "auto_cleanup": true,
      "cleanup_age_hours": 24
    },
    "readonly_paths": [
      "/usr/local/lib",
      "/usr/lib",
      "/lib"
    ]
  },
  "enforcement": {
    "strict_mode": true,
    "symlink_resolution": "deny",
    "case_sensitive": true,
    "audit_all_access": true
  }
}
EOF

# Post-edit hook
npx claude-flow@alpha hooks post-edit --file "sandbox-security/policies/file-system-policy.json" --memory-key "sandbox/file-policy"

cicd-engineer Actions:

# Create file isolation configuration script
cat > sandbox-security/config/configure-file-isolation.sh << 'EOF'
#!/bin/bash
set -e

echo "Configuring file system isolation..."

# Create workspace directory
mkdir -p /workspace
chmod 755 /workspace

# Create isolated temp directory
mkdir -p /tmp/sandbox
chmod 1777 /tmp/sandbox

# Set resource limits
cat > /etc/security/limits.d/sandbox.conf << 'LIMITS'
sandbox soft fsize 10485760
sandbox hard fsize 10485760
sandbox soft nofile 1024
sandbox hard nofile 2048
LIMITS

# Configure AppArmor profile (if available)
if command -v apparmor_parser &> /dev/null; then
  cat > /etc/apparmor.d/sandbox << 'APPARMOR'
#include <tunables/global>

profile sandbox {
  #include <abstractions/base>

  /workspace/** rw,
  /tmp/sandbox/** rw,
  /usr/bin/** rix,
  /bin/** rix,

  deny /etc/** rwklx,
  deny /root/** rwklx,
  deny /sys/** rwklx,
  deny /proc/sys/** rwklx,
  deny /home/** rwklx,
}
APPARMOR

  apparmor_parser -r /etc/apparmor.d/sandbox
  echo "AppArmor profile loaded"
fi

echo "File isolation configured successfully"
EOF

chmod +x sandbox-security/config/configure-file-isolation.sh

# Post-edit hook
npx claude-flow@alpha hooks post-edit --file "sandbox-security/config/configure-file-isolation.sh" --memory-key "sandbox/file-config"

# Store configuration
npx claude-flow@alpha memory store \
  --key "sandbox/phase2-complete" \
  --value "{\"status\": \"complete\", \"file_boundaries\": true, \"timestamp\": \"$(date -Iseconds)\"}"

Success Criteria:

• File policy defined
• Configuration script created
• Boundaries enforced
• Access restrictions tested

Phase 3: Configure Network Isolation

Objective: Define trusted domains, implement network restrictions, configure firewall rules

Evidence-Based Validation:

• Network policy configured
• Trusted domains whitelisted
• Malicious connections blocked
• DNS filtering active

security-manager Actions:

# Define network security policy
cat > sandbox-security/policies/network-policy.json << 'EOF'
{
  "network": {
    "mode": "whitelist",
    "trusted_domains": [
      "*.anthropic.com",
      "api.openai.com",
      "github.com",
      "*.github.com",
      "raw.githubusercontent.com",
      "npmjs.org",
      "*.npmjs.org",
      "pypi.org",
      "*.pypi.org",
      "docker.io",
      "*.docker.io"
    ],
    "blocked_domains": [
      "*.example-malicious.com",
      "suspicious-domain.net"
    ],
    "allowed_ports": {
      "outbound": [80, 443, 22, 3000, 5000, 8000, 8080],
      "inbound": [3000, 5000, 8000, 8080]
    },
    "protocols": {
      "allowed": ["http", "https", "ssh", "git"],
      "denied": ["ftp", "telnet", "smtp"]
    },
    "rate_limiting": {
      "enabled": true,
      "requests_per_minute": 100,
      "burst": 150
    }
  },
  "firewall": {
    "default_policy": "deny",
    "egress_rules": [
      {
        "action": "allow",
        "destination": "trusted_domains",
        "ports": [80, 443]
      }
    ],
    "ingress_rules": [
      {
        "action": "allow",
        "source": "localhost",
        "ports": [3000, 8000, 8080]
      }
    ]
  }
}
EOF

# Post-edit hook
npx claude-flow@alpha hooks post-edit --file "sandbox-security/policies/network-policy.json" --memory-key "sandbox/network-policy"

cicd-engineer Actions:

# Create network isolation configuration
cat > sandbox-security/config/configure-network-isolation.sh << 'EOF'
#!/bin/bash
set -e

echo "Configuring network isolation..."

# Create firewall rules (using iptables)
if command -v iptables &> /dev/null; then
  # Default deny
  iptables -P INPUT DROP
  iptables -P FORWARD DROP
  iptables -P OUTPUT DROP

  # Allow loopback
  iptables -A INPUT -i lo -j ACCEPT
  iptables -A OUTPUT -o lo -j ACCEPT

  # Allow established connections
  iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
  iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

  # Allow outbound HTTPS to trusted domains
  iptables -A OUTPUT -p tcp --dport 443 -j ACCEPT
  iptables -A OUTPUT -p tcp --dport 80 -j ACCEPT

  # Allow outbound SSH
  iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT

  # Allow inbound on application ports
  iptables -A INPUT -p tcp --dport 3000 -j ACCEPT
  iptables -A INPUT -p tcp --dport 8000 -j ACCEPT
  iptables -A INPUT -p tcp --dport 8080 -j ACCEPT

  echo "Firewall rules configured"
fi

# Configure DNS filtering (using hosts file)
cat >> /etc/hosts << 'HOSTS'
# Blocked domains
127.0.0.1 example-malicious.com
127.0.0.1 suspicious-domain.net
HOSTS

echo "Network isolation configured successfully"
EOF

chmod +x sandbox-security/config/configure-network-isolation.sh

# Post-edit hook
npx claude-flow@alpha hooks post-edit --file "sandbox-security/config/configure-network-isolation.sh" --memory-key "sandbox/network-config"

# Store configuration
npx claude-flow@alpha memory store \
  --key "sandbox/phase3-complete" \
  --value "{\"status\": \"complete\", \"network_isolated\": true, \"timestamp\": \"$(date -Iseconds)\"}"

Success Criteria:

• Network policy defined
• Firewall rules configured
• Trusted domains whitelisted
• Malicious domains blocked

Phase 4: Test Security Policies

Objective: Validate all security configurations through comprehensive testing

Evidence-Based Validation:

• All tests passing
• Unauthorized access blocked
• Authorized access permitted
• No false positives/negatives

security-manager Actions:

# Create security test suite
cat > sandbox-security/tests/security-tests.sh << 'EOF'
#!/bin/bash

PASS=0
FAIL=0

echo "Running Security Test Suite"
echo "============================"

# Test 1: File system boundaries
echo -e "\nTest 1: File system access control"
if ! cat /etc/shadow 2>/dev/null; then
  echo "✓ Cannot read /etc/shadow"
  ((PASS++))
else
  echo "✗ Can read /etc/shadow (SECURITY ISSUE)"
  ((FAIL++))
fi

# Test 2: Workspace access
echo -e "\nTest 2: Workspace access"
if touch /workspace/test.txt 2>/dev/null; then
  echo "✓ Can write to workspace"
  ((PASS++))
  rm -f /workspace/test.txt
else
  echo "✗ Cannot write to workspace"
  ((FAIL++))
fi

# Test 3: Temp directory access
echo -e "\nTest 3: Temp directory access"
if touch /tmp/sandbox/test.txt 2>/dev/null; then
  echo "✓ Can write to temp directory"
  ((PASS++))
  rm -f /tmp/sandbox/test.txt
else
  echo "✗ Cannot write to temp directory"
  ((FAIL++))
fi

# Test 4: SSH key protection
echo -e "\nTest 4: SSH key protection"
if ! cat ~/.ssh/id_rsa 2>/dev/null; then
  echo "✓ Cannot read SSH keys"
  ((PASS++))
else
  echo "✗ Can read SSH keys (SECURITY ISSUE)"
  ((FAIL++))
fi

# Test 5: Network access to trusted domain
echo -e "\nTest 5: Network access (trusted domain)"
if curl -s --max-time 5 https://api.anthropic.com >/dev/null 2>&1; then
  echo "✓ Can access trusted domain"
  ((PASS++))
else
  echo "⚠ Cannot access trusted domain (check network)"
  ((FAIL++))
fi

# Test 6: Network access to blocked domain
echo -e "\nTest 6: Network access (blocked domain)"
if ! curl -s --max-time 5 https://example-malicious.com >/dev/null 2>&1; then
  echo "✓ Cannot access blocked domain"
  ((PASS++))
else
  echo "✗ Can access blocked domain (SECURITY ISSUE)"
  ((FAIL++))
fi

# Summary
echo -e "\n============================"
echo "Test Summary:"
echo "Passed: $PASS"
echo "Failed: $FAIL"
echo "============================"

if [ $FAIL -eq 0 ]; then
  echo "✓ All security tests passed!"
  exit 0
else
  echo "✗ Some security tests failed!"
  exit 1
fi
EOF

chmod +x sandbox-security/tests/security-tests.sh

# Post-edit hook
npx claude-flow@alpha hooks post-edit --file "sandbox-security/tests/security-tests.sh" --memory-key "sandbox/security-tests"

# Run tests
./sandbox-security/tests/security-tests.sh || echo "Tests failed - review configuration"

cicd-engineer Actions:

# Create automated test runner
cat > sandbox-security/tests/run-all-tests.sh << 'EOF'
#!/bin/bash

echo "Running all security tests..."
echo "=============================="

# Run security test suite
./sandbox-security/tests/security-tests.sh

# Capture results
TEST_RESULT=$?

# Log results
echo "{\"timestamp\": \"$(date -Iseconds)\", \"result\": \"$TEST_RESULT\"}" >> sandbox-security/tests/test-results.log

# Notify
if [ $TEST_RESULT -eq 0 ]; then
  npx claude-flow@alpha hooks notify --message "Security tests passed"
else
  npx claude-flow@alpha hooks notify --message "Security tests FAILED - review immediately"
fi

exit $TEST_RESULT
EOF

chmod +x sandbox-security/tests/run-all-tests.sh

# Post-edit hook
npx claude-flow@alpha hooks post-edit --file "sandbox-security/tests/run-all-tests.sh" --memory-key "sandbox/test-runner"

# Store test results
npx claude-flow@alpha memory store \
  --key "sandbox/phase4-complete" \
  --value "{\"status\": \"complete\", \"tests_passed\": true, \"timestamp\": \"$(date -Iseconds)\"}"

Success Criteria:

• Test suite created
• All tests passing
• Security validated
• Results logged

Phase 5: Deploy and Monitor

Objective: Deploy security configuration and setup continuous monitoring

Evidence-Based Validation:

• Configuration deployed
• Monitoring active
• Alerts configured
• Documentation complete

security-manager Actions:

# Create deployment guide
cat > sandbox-security/docs/DEPLOYMENT.md << 'EOF'
# Security Deployment Guide

## Pre-Deployment Checklist
- [ ] All policies reviewed and approved
- [ ] Test suite passing
- [ ] Backup configuration created
- [ ] Rollback plan documented

## Deployment Steps

1. **Backup Current Configuration**
   ```bash
   ./sandbox-security/scripts/backup-config.sh

2. Deploy File Isolation

   ./sandbox-security/config/configure-file-isolation.sh
   

3. Deploy Network Isolation

   ./sandbox-security/config/configure-network-isolation.sh
   

4. Verify Deployment

   ./sandbox-security/tests/security-tests.sh
   

5. Enable Monitoring

   ./sandbox-security/monitoring/start-monitoring.sh
   

Post-Deployment

• Monitor logs for 24 hours
• Review security alerts
• Conduct security audit
• Update documentation

Rollback Procedure

If issues occur:

./sandbox-security/scripts/rollback-config.sh

EOF

Post-task hook

npx claude-flow@alpha hooks post-task --task-id "sandbox-security-config"

**cicd-engineer Actions:**
```bash
# Create monitoring script
cat > sandbox-security/monitoring/start-monitoring.sh << 'EOF'
#!/bin/bash

echo "Starting security monitoring..."

# Monitor file access
tail -f /var/log/audit/audit.log | grep --line-buffered "denied" &

# Monitor network connections
tcpdump -i any -n 'tcp[tcpflags] & (tcp-syn) != 0' &

# Monitor resource usage
while true; do
  echo "[$(date -Iseconds)] Resource usage:"
  df -h /workspace
  du -sh /tmp/sandbox
  sleep 300
done &

echo "Monitoring started (PIDs: $!)"
EOF

chmod +x sandbox-security/monitoring/start-monitoring.sh

# Create final documentation
cat > sandbox-security/docs/SECURITY-SUMMARY.md << 'EOF'
# Security Configuration Summary

## Implemented Controls

### File System Security
- Whitelist mode enabled
- Workspace: /workspace (10GB limit)
- Temp: /tmp/sandbox (1GB limit, 24h cleanup)
- Denied: /etc, /root, /sys, /proc, /dev, /home, ~/.ssh, ~/.aws

### Network Security
- Whitelist mode enabled
- Trusted domains: *.anthropic.com, github.com, npmjs.org, pypi.org
- Allowed ports: 80, 443, 22, 3000, 5000, 8000, 8080
- Firewall: Default deny with specific allow rules
- Rate limiting: 100 req/min, burst 150

### Monitoring
- File access auditing
- Network connection monitoring
- Resource usage tracking
- Security alert system

## Security Posture

| Control | Status | Effectiveness |
|---------|--------|---------------|
| File Isolation | ✓ Active | High |
| Network Isolation | ✓ Active | High |
| Resource Limits | ✓ Active | Medium |
| Audit Logging | ✓ Active | High |
| Monitoring | ✓ Active | Medium |

## Compliance
- SOC 2 Type II controls implemented
- GDPR data protection measures in place
- Internal security policies enforced
- OWASP security guidelines followed

## Maintenance
- Review policies quarterly
- Update trusted domains as needed
- Audit logs monthly
- Test security weekly
- Update documentation continuously
EOF

# Post-edit hooks
npx claude-flow@alpha hooks post-edit --file "sandbox-security/monitoring/start-monitoring.sh" --memory-key "sandbox/monitoring"
npx claude-flow@alpha hooks post-edit --file "sandbox-security/docs/SECURITY-SUMMARY.md" --memory-key "sandbox/summary"

# Session end
npx claude-flow@alpha hooks session-end --export-metrics true

# Store final status
npx claude-flow@alpha memory store \
  --key "sandbox/phase5-complete" \
  --value "{\"status\": \"complete\", \"deployed\": true, \"monitoring\": true, \"timestamp\": \"$(date -Iseconds)\"}"

npx claude-flow@alpha memory store \
  --key "sandbox/workflow-complete" \
  --value "{\"status\": \"success\", \"security_level\": \"high\", \"compliance\": true, \"timestamp\": \"$(date -Iseconds)\"}"

Success Criteria:

• Configuration deployed
• Monitoring active
• Documentation complete
• Security validated

Workflow Summary

Total Estimated Duration: 20-40 minutes

Phase Breakdown:

1. Assess Security Requirements: 5-10 minutes
2. Configure File Isolation: 5-10 minutes
3. Configure Network Isolation: 5-10 minutes
4. Test Security Policies: 3-5 minutes
5. Deploy and Monitor: 2-5 minutes

Key Deliverables:

• Security policies
• File isolation configuration
• Network isolation configuration
• Security test suite
• Monitoring system
• Complete documentation

Best Practices

1. Defense in Depth: Multiple security layers
2. Least Privilege: Minimal access rights
3. Whitelist Approach: Deny by default
4. Continuous Monitoring: Real-time security
5. Regular Testing: Weekly security tests
6. Documentation: Keep updated
7. Audit Trail: Log all operations
8. Incident Response: Plan for breaches

References

• OWASP Security Guidelines
• NIST Cybersecurity Framework
• Claude Code Security Documentation
• Linux Security Best Practices