Forgot about that, was mostly thinking about how AI agents with unrestricted permissions would ideally have some external logging and monitoring, so there would be a record of what it touched. A trace has all of the raw information, so some kind of wrapper around that would be useful.
replyI'd like to know what level of details you'd expect. Something like `zerobox -- claude`, then you get an output log like this:
reply```
Read file /etc/passwd
Made network call to httpbin.org
Write file /tmp/access
```
etc.? I'm really interested to hear your thoughts and I will add that feature (I need something like that, too).
*strace that is - annoyingly it seems it was autocorrected away
replyI think there is still a valid case for sandbox logs/otel. strace would give you the syscalls/traces but not _why_ a particular call was blocked in side the sandbox (e.g. the decision making bit).
reply