Bero.dev

AI-First Development Environments

If you just need a sandbox to run your AI agent without permission checks, try flout. If you want to understand how it works, this article has all the details you need.

AI agents can work while you sleep — but your laptop isn’t always on, and when it is, you’re stuck approving every tool call. This guide shows you how to build a remote environment where agents run safely, around the clock, and you can connect from anywhere.

We’ll use Claude Code, but the same ideas apply to other tools like Codex and Gemini.

Your First Sandbox

Run docker sandbox run claude in a directory you want to work in. It creates a container with Claude installed, mounts the current directory inside it, and gives you an SSH connection to interact with it.

Done. The sandbox is isolated, so you can safely bypass permissions and connect to it remotely.

Always-On

A sandbox is great for one-off tasks, but it’s tied to your machine and goes away when the machine shuts down.
To keep agents running 24/7, put them on a machine that stays on — an old laptop, a home server, or a VPS.
If you just want to test it or don’t need 24/7 support, run it on your machine.

Set up a sandbox

We will use a custom Dockerfile bgrgicak/flout-claude that comes with everything you need. Alternatively, you could create your own or start with docker/sandbox-templates:claude-code and install the packages you need.

Start the container in the background:

docker run -d --init --name agent-sandbox \
  -v ~/.claude:/home/dev/.claude \
  -v .:/home/dev/agent \
  bgrgicak/flout-claude:latest

This command will mount your current directory and .claude directory into the sandbox, so it can work on your projects and use your existing skills and plugins.

Drop into a shell:

docker exec -it agent-sandbox bash

Start Claude setup and login:

claude

Enable Remote Control (one-time — lets you connect from the web or any device):

claude remote-control

Start a persistent agent session

Start a persistent remote session:

tmux new-session -d -s claude \
  "while true; do claude remote-control --spawn=session --permission-mode bypassPermissions --name my-agent; sleep 5; done"

The while true loop respawns the session if it exits — you always have one waiting. remote-control makes it accessible without SSH. bypassPermissions lets the agent work autonomously.

Now you can exit the shell. Claude keeps running in the container:

exit

If you open the Claude desktop or mobile app and navigate to the code section, you will see a my-agent session running.

The my-agent session is now available in the Claude desktop or mobile app

Run a session as root

Because you are in a sandbox, you can run the session as root to allow your agent to improve its environment.

sudo IS_SANDBOX=1 claude --dangerously-skip-permissions

Don’t want to remember all the commands?

The sandbox comes with a helper library called flout that can do all of the above. Install it with npm install -g @flout/cli.

flout — manage persistent AI agent sessions

Usage:
  flout setup                          Check dependencies, login, create token
  flout start [name] [--path <dir>]    Start a local session in tmux (sudo for sandbox)
  flout remote [name] [--path <dir>]   Start a remote-control session (always-on)
  flout stop <name|id>                 Stop a session
  flout join <name|id>                 Attach to a running session
  flout list                           List active sessions
  flout status                         Show login and session status
  flout restart <name|id> [--path <dir>]  Restart a remote session
  flout trust <dir>                    Trust a project directory
  flout docker <cmd> [<name|id>]       Manage Docker containers (start|stop|shell|claude|status)

Make It Your Own

Once your environment is running, extend it to fit your workflow:

  • Custom skills — teach agents project-specific conventions like PR formats or deploy steps. Docs
  • MCP servers — connect agents to external services like email, calendar, or databases. Docs
  • Plugins — add capabilities from community or official sources. Docs
  • Personalize your environment — Copy the Dockerfile.claude or base Dockerfile from this post and make it your own. Add tools, CLIs, or dependencies your agents need. Build a custom image and use it in your sandbox.
  • Create specialized agents – If you want to have specialized agents for different projects or tasks, start another sandbox with a different system prompt, tools, skills…

The environment is yours — adapt it.

Security: Your Comfort Level

Docker gives you filesystem and process isolation out of the box. The agent can’t touch your host system.

Beyond that, it’s about your comfort level. Some people are fine with agents pushing to trunk. Others want to review every commit. Some connect agents to email and calendar. Others prefer to copy/paste the context manually.

Start restrictive. Loosen as you build trust with a specific agent in a specific role. A side project and production code shouldn’t have the same rules.

If you go too far, revert to a clean sandbox and start over.

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

More posts