holtwick

holtwick / bx-mac

Public

Sandbox any macOS app — only your project directory stays accessible

holtwick.de?ref=bx claude-code cli developer-tools macos privacy
13
0
100% credibility
Found Mar 29, 2026 at 13 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
TypeScript
AI Summary

bx is a macOS tool that launches code editors, terminals, or commands in a restricted environment where they can only access specific project folders, protecting the rest of your files.

How It Works

1
😟 Worry about tools peeking at private files

You use coding helpers like AI assistants but fear they might accidentally see your personal documents, keys, or photos.

2
📥 Grab bx for your Mac

You add this safety wrapper to your Mac with a quick install from a trusted source.

3
📁 Pick your project folder

You point to the folder where your code lives, like your work project.

4
🚀 Launch your editor safely

With one simple command, your favorite editor like VSCode springs open, seeing only your project and nothing else.

5
🛡️ Everything else stays hidden

Your personal folders, keys, and other projects are locked away, keeping your Mac safe.

Code with peace of mind

You build, edit, and collaborate securely, knowing your private life stays private.

Sign up to see the full architecture

4 more

Sign Up Free

Star Growth

See how this repo grew from 13 to 13 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is bx-mac?

bx-mac is a TypeScript CLI that sandboxes any macOS app—like VSCode, Xcode, or a terminal—restricting access to only your specified project directories. It tackles AI coding tools (Claude, Copilot) hallucinating paths to your SSH keys or .env files by leveraging macOS sandbox-exec for instant isolation, no VMs or Docker needed. Run `bx ~/project` to launch VSCode safely, or `bx term ~/project` for a locked-down shell.

Why is it gaining traction?

Zero-config dynamic rules scan your $HOME to block siblings and dotdirs automatically, with .bxignore (gitignore-style) hiding secrets recursively across monorepos. Custom apps via ~/.bxconfig.toml, multi-dir support, and dry-run previews make it a practical ai sandbox github alternative to cape sandbox github or joe sandbox any run—lightweight for MacBook Pro box workflows. Network and git stay open, but files are firewalled.

Who should use this?

macOS devs wielding AI like Claude Code in VSCode, paranoid about broad filesystem access during agentic coding sessions. Terminal users isolating npm installs or python scripts per project. Xcode teams sandboxing builds without sibling project leaks.

Verdict

Solid pick for macOS AI sandbox github needs—install via `brew install holtwick/tap/bx` and test with `--dry`. At 13 stars and 1.0% credibility, it's immature but battle-tested with full docs, Vitest coverage, and Homebrew formula; watch for macOS updates breaking undocumented sandbox-exec.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.