Codetainer's security model starts with sane and tight defaults, especially for a Bun/TypeScript-centric project. However, not every project will be that shape. Ideally, if a REPO_URL is specified, there should be a special folder (eg, .codetainer) that is allowed to contain configuration files that can be read by the container at boot time (post clone) to augment the VM environment to better support the needs of the project.
Some examples that come to mind:
- add custom allowlisted domains.
- augment the approval/rules.conf with additional project-specific rules. (with some concept of precedence)
- add additional Claude Code marketplaces & plugins.
- add arbitrary bash scripts that could install specific system dependencies as needed.
There are obvious security implications to consider when allowing this. However, these files are version-controlled and under the discretion of the project owner. While these may void the security warranties we've established, the value of customization is worth it.
It would be useful for Codetainer to have a built-in skill for managing this folder for a repo it's managing. That way, these edits could be introduced as a PR, and a simple reboot can update how the VM operates for the project.
Codetainer's security model starts with sane and tight defaults, especially for a Bun/TypeScript-centric project. However, not every project will be that shape. Ideally, if a
REPO_URLis specified, there should be a special folder (eg,.codetainer) that is allowed to contain configuration files that can be read by the container at boot time (post clone) to augment the VM environment to better support the needs of the project.Some examples that come to mind:
There are obvious security implications to consider when allowing this. However, these files are version-controlled and under the discretion of the project owner. While these may void the security warranties we've established, the value of customization is worth it.
It would be useful for Codetainer to have a built-in skill for managing this folder for a repo it's managing. That way, these edits could be introduced as a PR, and a simple reboot can update how the VM operates for the project.