# CLAUDE.md

Instructions for Claude Code when working on this repository.

## Project Overview

This is a secure devcontainer configuration for running Claude Code in a sandboxed environment with network restrictions.

## Key Files

- `.devcontainer/devcontainer.json` - Container and VS Code configuration
- `.devcontainer/Dockerfile` - Container image definition
- `.devcontainer/init-firewall.sh` - Network security rules (iptables whitelist)
- `run-container.sh` - Helper script for non-interactive usage

## Development

Uses [mise](https://mise.jdx.dev/) for tool versioning. Run `mise install` to set up Node.js 24.

## Security Model

The container uses iptables to whitelist only essential domains (GitHub, npm, Anthropic APIs, VS Code services). This allows safe use of `--dangerously-skip-permissions`.