didericis/bot-bottle
1
0
Fork 0
Code Issues 7 Pull Requests 15 Actions Packages Projects Releases Wiki Activity
Files
a3a9ec065e4172d0ac7af80f45aff228c31386ba
bot-bottle/docs/research/landscape-containerized-claude.md
T
didericis 5e8ca21669
test / unit (pull_request) Successful in 16s
Details
test / integration (pull_request) Successful in 1m32s
Details
docs: replace stale bash-first framing with Python-stdlib-first 
The project started life as bash scripts and got rewritten to Python
(documented in docs/research/bash-vs-python-vs-go.md). Several docs
still carried the old "bash-first" framing — misleading for anyone
reading them now (8.7k lines of Python vs. ~130 lines of bash, all
in scripts/demo*.sh).

- CLAUDE.md "What this is" + "Conventions": orchestrator is Python,
  posture is stdlib-first.
- docs/prds/0010-cred-proxy.md, docs/research/manifest-format-and-
  grouping.md: quoted CLAUDE.md's old wording — re-quote.
- docs/research/built-in-supervisor-design.md, landscape-containerized-
  claude.md, agent-sandbox-landscape.md, pipelock-assessment.md,
  network-egress-guard.md: drop "bash-first" claims about the project,
  keep accurate descriptions of external tools' bash usage.

Leaves untouched: bash code-fence syntax in examples, README's
literal `bash scripts/demo.sh` invocation (the demo IS bash),
Claude Code's "Bash tool" references, IVIJL/devbox bash description
(that project actually is bash), and the bash-vs-python-vs-go
research note that records the rewrite decision.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-25 06:32:42 -04:00

3.2 KiB
Raw Blame History

Landscape: containerized Claude Code agent tools

Research into whether claude-bottle is redundant with existing projects, and whether it's worth publishing.

Summary

The "Claude Code in Docker" space is active but not saturated. claude-bottle occupies a distinct position: no surveyed project combines all five of its defining features. Publishing is likely worthwhile, with the main risk being claudebox expanding to absorb the same niche.

Closest competitor: claudebox

RchGrav/claudebox is the most feature-complete analog. It runs Claude Code in Docker with per-project isolated images, 15+ pre-configured dev-language profiles, and per-project network firewall allowlists. Actively maintained with multiple forks.

What it lacks: manifest-driven named agents, per-agent env resolution modes (prompt / host-forward / literal), skill directory injection, per-agent system prompts, SSH-agent forwarding without copying private keys, home+project manifest merge.

Other surveyed projects

  • textcortex/claude-code-sandbox → spritz — evolved toward Kubernetes-native multi-agent infra; not stdlib-first or local-Docker. Original sandbox repo is archived.
  • trailofbits/claude-code-devcontainer — devcontainer config for security audits; not a general agent launcher.
  • Several small solo repos (arezi/claude-sandbox, nkrefman/claude-sandbox, VishalJ99/claude-docker) — lightweight Docker wrappers with no multi-agent config layer.
  • Docker's official sandbox templates — launch-and-run Dockerfiles plus an npm-based runtime; not a manifest-driven fleet manager.

Adjacent (different model)

  • dagger/container-use (mid-2025) — exposes an MCP server so the agent spins up its own containers with Git worktrees. Inverted model vs. claude-bottle (agent controls container rather than being launched into one by a manifest). Still marked early-development.
  • E2B, Northflank, Cloudflare Sandbox SDK — cloud-hosted SaaS sandbox runtimes; fundamentally different architecture.

What no found project does

None combine:

  1. Named-agent JSON manifest with per-agent env resolution (prompt / host-forward / literal)
  2. Claude Code skills directory injection
  3. Per-agent system prompts
  4. SSH-agent key forwarding without copying private keys into the container
  5. Home + project manifest merge

Publishing verdict

Worth publishing. Differentiators that matter to the target audience (power users running parallel Claude Code sessions with distinct personas/tooling):

  • The Python-stdlib-first, low-dependency design — competitors are npm-based or Kubernetes-native.
  • Named agents with distinct skills and system prompts, not just language profiles.
  • SSH forwarding without key copying.

Main risk: claudebox adds manifest/agent config. The space is moving fast enough that publishing sooner is better if establishing prior art matters.

Discovery will be slow without active promotion; an Anthropic Discord post or HN "Show HN" would do most of the work.

Caveats

  • GitHub search cannot surface private or very new repos comprehensively.
  • Counts (stars, forks) were not confirmed for every project.
  • Research conducted 2026-05-07; the space moves fast.
Reference in New Issue View Git Blame Copy Permalink