Hacker News
Show HN: Clawk runs coding agents in a disposable network-restricted Linux VM
- Category: Pulse
- Status: discussion
- Sources: GitHub repo, HN discussion
- Summary: A Show HN project (122 points) gives a coding agent its own disposable Linux VM instead of the host machine. The user code is mounted in and the agent runs as root inside the guest with no permission prompts, while the host filesystem, keychain, and network stay out of reach behind a network allow-list that blocks outbound connections to unlisted servers. It is a single Go binary (Apache-2.0, macOS with experimental Linux support) that attaches Claude Code, Codex, or a shell, and it surfaced the same day as the Grok Build CLI exfiltration reports covered in Top stories.
- Why it matters: VM-level isolation with an outbound network deny-list is the structural mitigation for the agent data-exfiltration and destructive-command risks the day's other stories describe, since the boundary is a separate machine rather than a prompt rule.