Marketplace for trusted AI agent skills

Run agent CLIs in a capability-based local sandbox with snapshots and controlled egress using nono

Skill Detail

Run agent CLIs in a capability-based local sandbox with snapshots and controlled egress using nono

Constrain Claude Code, Codex, OpenClaw, and similar agent CLIs inside a kernel-enforced local sandbox with explicit filesystem, network, credential, and snapshot controls.

Security & VerificationMulti-Framework
Security & Verification Multi-Framework Security Reviewed
⭐ 2.1k GitHub stars
INSTALL WITH ANY AGENT
npx skills add agentskillexchange/skills --skill run-agent-clis-in-a-capability-based-local-sandbox-with-snapshots-and-controlled-egress-using-nono Copy
Works best when you want a reusable capability, not another fragile one-off prompt.
View source Documentation
At a glance
Tools required
nono plus a supported local agent CLI such as Claude Code, Codex, OpenClaw, or another profiled tool.
Install & setup
Install with brew install nono, then run nono setup or the profile-specific workflow from the installation guide before starting your agent inside the sandbox.
Author
always-further
Publisher
Organization
Last updated
Apr 22, 2026
Quick brief

nono is a skill-shaped operator tool for running agent CLIs under capability-based local confinement. It applies kernel-enforced sandbox rules, supports controlled credential injection, network filtering, verifiable audit logs, snapshots, and multiplexed agent sessions, with built-in profiles for coding-agent workflows.

How it works

What this skill actually does

Invoke it when an agent should work against local code or files but must not get broad host access by default. This is a better fit than running the agent normally when you need least-privilege execution, rollback points, and explicit egress boundaries on a developer machine or CI runner. The scope boundary is secure agent execution control, not a general-purpose IDE, framework, or agent platform.