Launching today
Multitui
Sandbox claude code, codex, or any TUI on macOS
72 followers
Sandbox claude code, codex, or any TUI on macOS
72 followers
Multitui is a macOS app factory that generates individual terminal apps for TUI programs, with optional sandbox. Create dedicated native apps for claude code, codex, gemini, lazygit, harlequin, or any TUI.
Multitui
Congrats on the launch — love the sandboxed TUI app factory approach on macOS.
Multitui
@zeiki_yu Thanks! I'm thinking about adding network sandboxing to prevent code and secrets stealing, like Little Snitch, but more fine-grained.
Launching ClaudeCode.app instead of claude is such a clean workflow. Seeing sandbox-exec blocks and adding rules as you go feels like the right balance. Does Multitui ship with presets like repo-only writes and no-network? Safe defaults make this easy to trust.
Multitui
@piroune_balachandran Yes to repo-only writes... only the folder that you open has write access. By default, everything else in your user folder is invisible to claude/codex (not even read-only).
Network sandboxing is not implemented yet, but it's the next big feature. Right now, third-party network filtering apps like Little Snitch work, since you can target it as a dedicated app rather than blocking iterm2 or ghostty. I'm planning some more nuanced network sandboxing, like preventing secrets from leaking and heuristics for preventing code exfiltration.
Congrats on the launch — love the idea of giving coding agents a controlled execution environment. One question from a standards/consistency perspective: how granular can the sandbox rules be? Do you allow defining reusable rule sets or patterns for file access, so the agent behaves consistently across different projects?
Multitui
@dris_keddy The rules are pretty granular and are per-app that you create, like the Claude Code app template has rules for paths that Claude Code needs (~/.claude/*, etc), then when you open a project folder, claude has write access to your project folder. This makes the Claude Code app reusable for multiple projects.
However, if you have a more complicated project with several folders, you can create an app (like ComplicatedProject.app) dedicated to just that project and very specific rules (including regex!) for that app... you would set the default working directory to `~/complicatedproject` and the command field to `claude`.
This is exactly what vibe coding needs - the sandbox approach is smart. Been seeing too many people run coding agents with full system access, not realizing what can be exfiltrated. The network sandboxing idea for preventing secrets theft would be huge. Most security issues I've seen in AI-generated code aren't runtime vulns - they're leaky APIs, hardcoded creds, or packages that phone home.
Multitui
@mykola_kondratiuk Thanks, I agree that protecting against secrets leaking will be useful and may be the best starting point for the network sandbox.