Table of Contents generated with DocToc
tools/agent-isolation/ — secure agent setup helpersThis directory ships the moving pieces the framework's secure-agent-setup.md document references. It is not a Python project (unlike the sibling tools under tools/vulnogram/ and tools/gmail/oauth-draft/) — these are plain shell scripts plus a TOML manifest of pinned upstream versions.
| File | Purpose |
|---|---|
pinned-versions.toml | Machine-readable manifest of pinned upstream versions for bubblewrap, socat, and claude-code. Each entry carries a released date that satisfies the framework's 7-day cooldown convention. |
check-tool-updates.sh | Reads the manifest and reports upstream releases that are newer than the pin AND have themselves aged past the 7-day cooldown. Side-effect-free — no installs, no edits, no PRs. |
claude-iso.sh | Shell function to launch Claude Code with env -i and a tiny passthrough list, stripping every credential-shaped environment variable from the parent shell. The framework's “layer 0” of the secure setup. |
# Initial install (read pinned-versions.toml for the version pin): sudo apt-get install --no-install-recommends bubblewrap=0.11.1-* socat=1.8.1.1-* npm install -g --no-save @anthropic-ai/claude-code@2.1.117 # Source the wrapper into your shell: source /path/to/airflow-steward/tools/agent-isolation/claude-iso.sh # Launch a session with no inherited credentials: cd ~/code/<tracker> claude-iso # Periodically (or via /schedule weekly), check for upgrade candidates: bash /path/to/airflow-steward/tools/agent-isolation/check-tool-updates.sh
../../secure-agent-setup.md — the user-facing setup document. Read that first.../../.claude/settings.json — the framework's own dogfooded secure config. Adopters scaffold their own version from the example block in secure-agent-setup.md.