Show HN: Drydock – VM Sandboxes for macOS Autonomous Coding Agents

Category: security

Tags: vm-sandbox, ai-agents, macos, security, autonomous-coding

Score: 7.3/10 (Innovation: 7, Technical: 8, Documentation: 8, Utility: 6)

Drydock runs autonomous coding agents (Claude Code, OpenAI Codex) in hardware-isolated VMs on macOS, assuming the agent may be compromised and containing blast radius rather than trying to keep it well-behaved. This is an innovative approach to AI agent security—trading convenience for strong isolation—and is particularly interesting for teams wanting to use coding agents on private repositories without exposing API keys or credentials.

Target audience: backend devs, devops, security engineers

Repository: https://github.com/sricola/drydock · Go · MIT · 1 stars

View on Hacker News