Show HN: Drydock – VM Sandboxes for macOS Autonomous Coding Agents (github.com)

Drydock has been introduced as an innovative tool that enables autonomous coding agents, like Claude Code and OpenAI Codex, to run on macOS within isolated virtual machine (VM) sandboxes. This solution operates directly on the user’s machine rather than in the cloud, enhancing security by ensuring that sensitive information like API keys remains outside of the agent’s reach. With a deny-by-default approach to egress and a secure handoff system, Drydock allows developers to manage scripts and coding tasks while containing potential threats from malicious code or dependencies. Significant for the AI/ML community, Drydock fundamentally changes how developers can leverage AI tools for coding tasks by focusing on containment rather than strict regulations on agent behavior. This method allows for a more versatile interaction with coding agents while reducing risks associated with running untrusted code. Currently in alpha testing and designed for macOS on Apple Silicon, Drydock requires certain prerequisites but offers a streamlined setup process, demonstrating its potential for wider adoption within programming environments as it matures and gains real-world usage insights.