sandbox command allows you to manually execute commands within the same sandbox environment that Codex uses for command execution.
Usage
Description
This command is primarily used for testing and debugging sandbox behavior. It runs the specified command with the same security restrictions that Codex applies when executing commands on your behalf. The sandbox environment varies by platform:- Linux: Landlock LSM + seccomp filters (or Bubblewrap if enabled)
- macOS: Seatbelt sandbox profiles
- Windows: Restricted token with limited privileges
Options
Sandbox mode to use. Options:
read-only, workspace-write, danger-full-accessDefault: read-onlyWorking directory for the command.Default: current directory
Examples
Run Command in Read-Only Sandbox
Test Workspace Write Access
Run in Specific Directory
Test Network Restrictions
Sandbox Modes
read-only
- Read access to workspace files
- No write access
- No network access
- Cannot modify system files
workspace-write
- Read access to workspace files
- Write access within workspace directory
- No network access
- Cannot modify system files outside workspace
danger-full-access
- Full file system access
- Network access allowed
- Can modify any accessible files
- Use with caution
Use Cases
Testing Sandbox Policies
Verify that your sandbox configuration works as expected:Debugging Command Failures
When a command fails in Codex, test it manually:Validating Execpolicy Rules
Test whether a command would be allowed:Exit Codes
The command returns the exit code of the executed command.Security Notes
Sandbox behavior may vary between platforms. Always test critical workflows on your target platform.
Related Commands
Sandboxing Concepts
Learn about Codex sandboxing
Exec Policies
Configure execution policies