I built https://github.com/nezhar/claude-container for exactly this reason - it's easy to make mistakes with these agents even for technical users, especially in yolo mode.
Author here. This release adds two features I've found useful for understanding Claude Code behavior:
1. API Proxy - Transparently logs all interactions with the Anthropic API. Every request/response is captured without modifying Claude Code itself.
2. Datasette Integration - Lets you query and visualize the captured API data with SQL. Useful for tracking token usage, analyzing prompt patterns, or debugging unexpected behavior.
The container itself provides isolation from the host system while maintaining persistent credentials and workspace access via bind mounts.
Happy to answer questions about the implementation or use cases.
You still need to connect to Anthropic and obtain an authorization token.
The isolation here refers to the workspace. Since you run the CLI in a container, the process can only access what you have mapped inside. This is helpful if you want to avoid issues like this: https://hackaday.com/2025/07/23/vibe-coding-goes-wrong-as-ai...
Ok. Thanks for the clarification. Still a good project, and many people like to use online services.
I prefer local models. All I use and used on the local model could be on an online, no secrets here. The speed is more than acceptable for a low end cpu+gpu.
I stil use Perplexity sometimes for more complex questions.
reply