claude-code icon indicating copy to clipboard operation
claude-code copied to clipboard
Published 10 hours ago verified publisher icon anthropics

[BUG/UX] Sandbox network whitelist: No way to proactively configure domains, git operations fail without prompts

Open 0x1355 opened this issue 2 months ago • 5 comments

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet
  • [x] This is a single bug report (please file separate reports for different bugs)
  • [x] I am using the latest version of Claude Code

What's Wrong?

Git commands pre-approved in settings fail silently with exit code 128 when sandbox is enabled, due to network restrictions blocking github.com. There's no prompt to whitelist the domain, and the /sandbox command doesn't provide a way to proactively add network allowlists.

What Should Happen?

Option A (Reactive prompts): When pre-approved git command needs network access, show prompt: Git push requires network access to github.com [ Deny ] [ Allow Once ] [ Update Sandbox Configuration ]

Option B (Proactive configuration): /sandbox command should provide UI to add network whitelists: Network allowed domains: • code.claude.com • github.com [Add]

[Add new domain...]

Option C (Smart defaults): Git-related commands should auto-whitelist common git hosting domains when pre-approved:

  • github.com, *.github.com
  • gitlab.com, *.gitlab.com
  • bitbucket.org, *.bitbucket.org

Error Messages/Logs

Error: Exit code 128
error: could not write config file .git/config: Device or resource busy
fatal: could not set 'remote.origin.url' to xxx

Steps to Reproduce

  1. Enable sandbox mode in .claude/settings.local.json: { "permissions": { "allow": [ "Bash(git push:*)", "Bash(git remote set-url:*)" ] } }
  2. Run a git command that requires network access: git push

or

git remote set-url origin [email protected]:user/repo.git 3. Command fails with: Error: Exit code 128 ssh: Could not resolve hostname github.com: Temporary failure in name resolution fatal: Could not read from remote repository. 4. Try /sandbox command to add network whitelist 5. Unable to add domains proactively

Claude Model

Sonnet (default)

Is this a regression?

I don't know

Last Working Version

No response

Claude Code Version

2.0.37

Platform

Anthropic API

Operating System

Other Linux

Terminal/Shell

Other

Additional Information

Impact

  • Broken workflow: Pre-approved git commands don't work as expected
  • Poor UX: Silent failures without guidance on how to fix
  • Security workaround: Users forced to disable sandbox entirely for git operations
  • Documentation gap: Docs mention reactive prompts but they don't trigger

0x1355 avatar Nov 12 '25 12:11 0x1355