marketing-shibata50/claude-code-ultimate-guide
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
claude-code-ultimate-guide/docs/resource-evaluations/dclaude-docker-wrapper.md
Florian BRUNIAUX bc86c8ed7f release: v3.20.6 - agentskills.io integration + 4 resource evaluations 
- agentskills.io open standard: frontmatter table, skills-ref CLI, portability section
- Agent Skills supply chain risks (security-hardening.md §1.2)
- anthropics/skills (60K+★) added to complementary resources
- 16 new reference.yaml entries
- Resource evaluations: agentskills.io (4/5), Skill Doctor (2/5), dclaude (new), paddo (new)
- Sandbox isolation + README updates

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-01 16:49:33 +01:00

73 lines
4.5 KiB
Markdown
Raw Blame History

# Resource Evaluation: dclaude — Dockerized Claude Code Wrapper
| Field | Value |
|-------|-------|
| **Resource** | [github.com/jedi4ever/dclaude](https://github.com/jedi4ever/dclaude) + [LinkedIn post](https://www.linkedin.com/posts/patrickdebois_github-jedi4everdclaude-activity-7423577213188562944-jUE_) |
| **Type** | Open-source tool (bash script) |
| **Author** | Patrick Debois ("father of DevOps", creator of DevOpsDays 2009, co-author DevOps Handbook) |
| **Published** | 2026-02-01 |
| **Score** | **2/5** (Marginal) |
| **Action** | Footnote in `guide/sandbox-isolation.md` (Limitations subsection) |
---
## Summary
1. **dclaude** is a single-file bash script wrapping Claude Code CLI inside a standard Docker container for filesystem isolation. Drop-in replacement: all Claude CLI flags forwarded.
2. **Primary motivation**: Claude Code can navigate entire filesystems, including other git worktree branches, risking accidental edits to production code. dclaude restricts visibility to mounted directories only.
3. **Features**: SSH agent forwarding, GPG signing, Docker-in-Docker (via host socket), automatic port mapping with URL rewriting, persistent named containers, GitHub token forwarding, `.env` auto-loading.
4. **Installation**: Single `curl` download, auto-builds Docker image on first run. Requires Docker Engine only (no Docker Desktop).
5. **Security model**: Standard container isolation (not microVM). Mounts host Docker socket (`/var/run/docker.sock`), `~/.ssh`, `~/.gnupg` into container — expands attack surface vs. Docker Sandboxes' private daemon approach.
## Gap Analysis
| Topic | Guide status | dclaude adds |
|-------|-------------|--------------|
| Sandbox isolation | ✅ Comprehensive (`sandbox-isolation.md`, 6 solutions) | Nothing new |
| Linux + Docker Engine | ⚠️ Gap documented (line 224) but no workaround | ✅ Fills gap |
| Worktree isolation use case | ❌ Not explicitly motivated | ✅ Explicit motivation |
| SSH/GPG forwarding in sandbox | ❌ Not covered | ✅ Built-in (but ⚠️ security tradeoff) |
## Score Justification
**2/5 (Marginal)** because:
- The guide already covers Docker Sandboxes (official, microVM isolation) plus 5 alternatives — no material gap
- dclaude uses standard containers, not microVMs — weaker isolation than Docker Sandboxes. The guide's own anti-patterns (line 377) warn: "Assuming containers = VMs"
- Host Docker socket mount means containerized Claude can control the host Docker daemon — opposite of Docker Sandboxes' private daemon
- Single-maintainer bash script with no lifecycle guarantees
- However: works on Linux with Docker Engine (real gap), and Patrick Debois's standing in the DevOps community gives credibility
**Why not 3/5**: Weaker security model and narrow differentiator (Linux-only gap) don't warrant a dedicated section. The guide documents the Linux limitation already.
**Why not 1/5**: Fills a legitimate gap for Linux Docker Engine users. Debois's contribution merits acknowledgment.
## Challenge (technical-writer)
The technical-writer agent confirmed the 2/5 score with additional analysis:
- **Security under-analyzed**: Host Docker socket mount is a material concern, not just "weaker isolation"
- **Debois credibility understated**: He coined "DevOps" — not just "a known figure"
- **Drop-in claim unverified**: Edge cases (MCP servers, `--resume`, session persistence) likely have friction
- **Placement recommendation refined**: Footnote in Limitations subsection (line 225), NOT in comparison matrix
- **Risk of non-integration**: Minimal — no reader fails to find a sandbox solution without dclaude
## Fact-Check
| Claim | Status | Source |
|-------|--------|--------|
| Author: Patrick Debois | ✅ | LinkedIn profile (17.5K followers) |
| Debois = "father of DevOps" | ✅ | Multiple sources (New Relic, DEV Community, jedi.be) |
| GitHub: jedi4ever | ✅ | Matches jedi.be domain |
| Drop-in replacement for claude CLI | ⚠️ | Claimed by README, not independently tested |
| Single-file install via curl | ✅ | GitHub README |
| SSH/GPG/Docker-in-Docker support | ✅ | GitHub README |
| Auto-builds Docker image | ✅ | GitHub README |
| Persistent container mode | ✅ | GitHub README |
| 60 likes, 7 comments (LinkedIn) | ✅ | LinkedIn post (snapshot at fetch time) |
## Integration Applied
- `guide/sandbox-isolation.md` line 225 — Footnote mention in Limitations subsection with security tradeoff note
- `docs/resource-evaluations/dclaude-docker-wrapper.md` — This file
- `docs/resource-evaluations/README.md` — Index entry added
Reference in a new issue View git blame Copy permalink