HeadlinesBriefing.com

Agent Safehouse: macOS Sandbox for AI Agents

Hacker News

Agent Safehouse provides macOS-native sandboxing for local AI agents, addressing the growing risk of AI-powered tools making catastrophic mistakes on a developer's machine. The tool inverts the usual access model: every permission is denied by default, and access is granted only to the directories the user names explicitly. The rationale is statistical rather than alarmist: an agent that errs on only 1% of its actions will, across enough sessions, eventually cause serious damage, so the question is not whether a mistake happens but how far it is allowed to reach.

Built as a single shell script with no dependencies, Safehouse requires minimal setup: users download the script, make it executable, and run any agent inside the sandbox. By default it grants read/write access to the current project directory while blocking access to sensitive areas such as SSH keys, AWS credentials, and other repositories. Because the grant is whatever directory the agent is launched from, the agent should be started from the project root rather than from the home directory. The restrictions are enforced by the macOS kernel rather than by the agent, so neither the agent nor any subprocess it spawns can read a protected path, no matter what it tries.

The tool includes shell functions that automatically sandbox popular agents such as Claude, Codex, and Gemini. Users run the agents with the usual commands (claude, codex, gemini) and can bypass the sandbox with command claude when an unrestricted session is wanted; the shell's command builtin skips the wrapper function and runs the binary directly. This design makes security the default while keeping an explicit escape hatch for advanced users.
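The following is an added example written for this page, not the Safehouse script itself. It shows the deny-by-default layout that the two paragraphs above describe: a Seatbelt profile that denies everything, allows one project directory, and denies credential directories last, plus the agent wrapper functions and the "do not grant the whole home directory" check a practitioner would want. It assumes Safehouse drives macOS's native sandbox through sandbox-exec (still shipped, though marked deprecated); the system paths allowed in the baseline, and the names safehouse_check_project, safehouse_profile and safehouse_run, are assumptions of this example, not Safehouse's own.

```shell
#!/bin/sh
# Added example for this page, NOT the Safehouse script. Assumes macOS's
# Seatbelt sandbox via sandbox-exec; the baseline system paths below are an
# assumption sufficient for typical CLI agents, not Safehouse's real profile.

# Refuse a "project" directory that would hand the agent the whole home
# directory (or the filesystem root). Returns 0 if the grant is acceptable.
safehouse_check_project() {
  project="${1%/}"           # drop one trailing slash; "/" becomes ""
  home="${2%/}"
  case "$project" in
    "") return 1 ;;          # root, or empty input
    /*) ;;                   # absolute path: fine, keep checking
    *)  return 1 ;;          # relative path: resolve it before calling
  esac
  case "$home/" in
    "$project"/*) return 1 ;; # project is $HOME itself or an ancestor of it
  esac
  return 0
}

# Emit a Seatbelt (SBPL) profile on stdout: deny everything, then allow the
# runtime an agent needs and the single project directory.
safehouse_profile() {
  project="$1"
  home="$2"
  cat <<EOF
(version 1)
(deny default)

;; Baseline a CLI agent needs to start: system libraries and interpreters,
;; process creation, a few kernel services, scratch space and the network.
(allow process-fork)
(allow process-exec*)
(allow sysctl-read)
(allow mach-lookup)
(allow ipc-posix-shm*)
(allow file-read-metadata)
(allow file-read* (subpath "/System") (subpath "/usr") (subpath "/bin")
                  (subpath "/sbin") (subpath "/Library") (subpath "/private/etc")
                  (subpath "/opt") (subpath "/Applications"))
(allow file-read* file-write* (subpath "/dev") (subpath "/private/tmp")
                              (subpath "/private/var/folders"))
(allow network*)

;; The single explicit grant: the project directory, read/write.
(allow file-read* file-write* (subpath "$project"))

;; Credentials are denied LAST. Seatbelt evaluates rules top to bottom and the
;; last matching rule wins, so an allow added above (for example one that
;; accidentally covers the home directory) cannot re-expose these paths.
(deny file-read* file-write* (subpath "$home/.ssh"))
(deny file-read* file-write* (subpath "$home/.aws"))
EOF
}

# Run a command inside the sandbox with the given project directory granted.
safehouse_run() {
  project="$1"; shift
  home="${HOME:?HOME must be set}"
  if ! safehouse_check_project "$project" "$home"; then
    echo "safehouse: refusing to grant '$project': it would expose your home directory" >&2
    return 2
  fi
  sandbox-exec -p "$(safehouse_profile "$project" "$home")" "$@"
}

# Wrapper functions that make the sandbox the default for each agent. The
# agent name is only an argument to sandbox-exec here, so there is no
# recursion; at the prompt, 'command claude' skips the function (and thus the
# sandbox) and runs the real binary directly.
claude() { safehouse_run "$PWD" claude "$@"; }
codex()  { safehouse_run "$PWD" codex  "$@"; }
gemini() { safehouse_run "$PWD" gemini "$@"; }
```

On macOS, source this file from the shell rc, cd into the project root and run claude as usual. If an agent fails to start, the baseline is too tight for it: watch the denials the kernel writes to the unified log (for example log stream --predicate 'eventMessage contains "Sandbox"') and add the specific path, keeping any new allow above the credential denies so they keep winning.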