container-isolation-posture
Community
Nine-rule posture for sandbox isolation design.
Author: brucebanner010198-commits
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This skill codifies a nine-rule posture to ensure safe and isolated execution of LLM-driven agents on host resources, addressing risks from sandbox escapes, data leakage, and policy violations.
Core Features & Use Cases
- Nine-rule posture: external allowlists, fail-closed defaults, symlink resolution, container-path validation, read-only project roots, per-tenant session isolation, and credential vault guidance.
- Policy-first design guidance: applies to laptops, CI runners, containers, or VMs; pairs with sandbox and consumer-side defenses (mcp-defense, secrets-vault, etc.).
- Use cases: designing secure sandboxes for agent execution, auditing existing runtimes, and reviewing MCP surfaces for isolation.
Quick Start
Apply this posture when reviewing or designing an agent execution surface to ensure container isolation is enforced across the host.
Dependency Matrix
Required Modules
None required
Components
Standard package
Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: container-isolation-posture
Download link: https://github.com/brucebanner010198-commits/DevSecOps-Agency/archive/main.zip#container-isolation-posture
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.