Skip to main content
aitoolsatlas.ai
BlogAbout

Explore

  • All Tools
  • Comparisons
  • Best For Guides
  • Blog

Company

  • About
  • Contact
  • Editorial Policy

Legal

  • Privacy Policy
  • Terms of Service
  • Affiliate Disclosure
Privacy PolicyTerms of ServiceAffiliate DisclosureEditorial PolicyContact

© 2026 aitoolsatlas.ai. All rights reserved.

Find the right AI tool in 2 minutes. Independent reviews and honest comparisons of 890+ AI tools.

  1. Home
  2. Tools
  3. Code Airlock
OverviewPricingReviewWorth It?Free vs PaidDiscountAlternativesComparePros & ConsIntegrationsTutorialChangelogSecurityAPI
developer-tools🔴Developer
C

Code Airlock

A thin CLI wrapper around Docker Sandboxes that runs Claude Code, Codex, or OpenCode in a disposable microVM against a clone of your repo, then brings the work back as ordinary git commits for review.

Starting at$0 (self-hosted)
Visit Code Airlock →
💡

In Plain English

A thin CLI wrapper around Docker Sandboxes that runs Claude Code, Codex, or OpenCode in a disposable microVM against a clone of your repo, then brings the work back as ordinary git commits for review.

OverviewFeaturesPricingUse CasesFAQ

Overview

Code Airlock lets you give coding agents like Claude Code, Codex, and OpenCode real autonomy — installing packages, running tests, starting services, iterating on failures — without giving them your host machine. It is a deliberately small wrapper around Docker Sandboxes (the sbx CLI) that wires the common coding-agent loop together: the agent runs inside a disposable microVM against a private clone of your repository, your host repo stays read-only for the entire run, and the agent's changes come back as normal git commits that you fetch, diff, review, and merge from the host. The core insight is that harness-level permission rules are policy inside the agent process; Code Airlock moves the main safety boundary below the agent, so the agent can be configured to behave well while the microVM limits what happens when it does not. The workflow is three commands: code-airlock run "add pagination and run the tests", code-airlock diff, code-airlock merge — or open a pull request instead with code-airlock pr, pushed from the host with your credentials so the sandbox never needs GitHub access. It supports a configurable network allowlist for model APIs and package registries, per-repo stable sandbox naming, AGENTS.md scaffolding via code-airlock init, opt-in seeding of your personal agent config (commands, skills, subagents) without auth files or histories, tmux-based detached runs for remote servers, doctor and dry-run preflight checks, and visual review via your preferred difftool. Install via npm, Homebrew, or a shell script. MIT licensed; requires Docker Sandboxes with KVM/virtualization. No MCP integration — it wraps the agents themselves.

🎨

Vibe Coding Friendly?

▼
Difficulty:intermediate

Suitability for vibe coding depends on your experience level and the specific use case.

Learn about Vibe Coding →

Was this helpful?

Key Features

Feature information is available on the official website.

View Features →

Pricing Plans

Open Source

$0 (self-hosted)

  • ✓MIT license
  • ✓Works with Claude Code, Codex, OpenCode, and other Docker Sandbox agents
  • ✓Full fetch/diff/review/merge/pr workflow
  • ✓Network allowlist and config seeding
  • ✓npm, Homebrew, and shell-script installers
See Full Pricing →Free vs Paid →Is it worth it? →

Ready to get started with Code Airlock?

View Pricing Options →

Best Use Cases

🎯

Letting Claude Code or Codex work unattended with fewer permission prompts while the host stays protected

⚡

Reviewing every agent change as ordinary git commits before anything lands in your repo

🔧

Running coding agents on remote servers in detached tmux sessions that survive SSH disconnects

🚀

Restricting agent network access to model APIs and package registries only

💡

Teams standardizing one safe, repeatable sandbox workflow across multiple coding agents

Pros & Cons

✓ Pros

  • ✓Real security boundary at the microVM level — not just agent-side prompts
  • ✓Host repo stays read-only; every change comes back as a reviewable git commit
  • ✓Multi-agent: swap between Claude Code, Codex, OpenCode with one flag
  • ✓Sandbox never needs GitHub creds — PRs push from the host
  • ✓MIT licensed with npm/Homebrew/curl installs and preflight `doctor` diagnostics

✗ Cons

  • ✗Requires Docker Sandboxes and KVM/virtualization on the host
  • ✗No MCP integration — wraps agents but doesn't extend their tool surface
  • ✗Extra latency vs. running the agent directly on the host
  • ✗Small project (thin wrapper) — you're also depending on the underlying sbx CLI
  • ✗Adds cognitive load: another layer between you and the agent

Frequently Asked Questions

How much does Code Airlock cost?+

Code Airlock pricing starts at $0 (self-hosted). They offer a single pricing plan.
🦞

New to AI tools?

Read practical guides for choosing and using AI tools

Read Guides →

Get updates on Code Airlock and 370+ other AI tools

Weekly insights on the latest AI tools, features, and trends delivered to your inbox.

No spam. Unsubscribe anytime.

User Reviews

No reviews yet. Be the first to share your experience!

Quick Info

Category

developer-tools

Website

github.com/Trivo25/code-airlock
🔄Compare with alternatives →

Try Code Airlock Today

Get started with Code Airlock and see if it's the right fit for your needs.

Get Started →

Need help choosing the right AI stack?

Take our 60-second quiz to get personalized tool recommendations

Find Your Perfect AI Stack →

Want a faster launch?

Explore 20 ready-to-deploy AI agent templates for sales, support, dev, research, and operations.

Browse Agent Templates →

More about Code Airlock

PricingReviewAlternativesFree vs PaidPros & ConsWorth It?Tutorial