Open source · Docker isolation · One command

AI runs free. Your system stays safe.

Run Claude Code with full autonomous power, safely sandboxed in Docker.

 $ curl -fsSL https://cleat.sh/install | bash

~ $ cleat

Building image...

✔ Image built (cached)

✔ Container started

✔ Auth shared

✔ Project mounted

Container: cleat-backend-a1b2c3d4

Project: ~/backend → /workspace

Permissions: full (sandboxed)

✔ Claude Code launched

Claude is analyzing your project...

❯ ▊

$ claude --dangerously-skip-permissions

⚠ Modifying /usr/local/bin/...

⚠ Overwriting /etc/hosts...

⚠ Removing ~/.ssh/config...

✗ System unbootable. Restore from backup.

I let Claude run overnight. It bricked my Mac. So I built Cleat.

Same power. Smaller blast radius.

	Without isolation	With Cleat
Edit project files	✓	✓
Install packages	⚠ your system	✓ container only
Run any command	⚠ your system	✓ container only
Access other projects	⚠ exposed	✓ blocked
Modify your system	⚠ exposed	✓ blocked
Read ~/.ssh, credentials	⚠ exposed	✓ blocked
Safe to leave overnight	✗ no	✓ yes
Clipboard to host	✓	✓

Architecture

Your machine. Docker container. Clean boundary.

Your machine

~/.claude ───────┐ → (auth, settings)

~/my-project ──────┼────┐ → (project files)

Docker container

/home/coder/.claude

/workspace

Claude Code (full permissions)

Can: read/write project, install packages, run cmds

Cannot: touch host, access other projects

Everything else is untouched.

Why not just write a Dockerfile? You could. But then you handle UID/GID mapping, clipboard bridging, auth sharing, session persistence, per-project container naming, and a dozen edge cases. Cleat handles all of it in one command.

Features

One command. No moving parts.

$ cleat

✔ Image built

✔ Container started

✔ Auth shared

✔ Claude launched

No config. No setup. Just go.

$ cd ~/api && cleat

● cleat-api-a1b2c3d4

$ cd ~/web && cleat

● cleat-web-e5f6a7b8

Both running. Fully isolated.

$ cleat stop

Stopped. Container preserved.

$ cleat resume

↻ Resuming session...

Back where you left off.

$ cleat

Claude working autonomously...

┌──────────────────────────┐

│ 8 hours later │

│ 47 files changed │

│ All tests passing │

│ Host system: untouched ✓ │

└──────────────────────────┘

$ echo "hello" | pbcopy

✔ Copied to host clipboard

Works with pbcopy, xclip, xsel.

No X11. No special terminal.

┌─────────────────────────────────┐

│ Update available v1.0 → v1.1 │

│ Run cleat update to install. │

└─────────────────────────────────┘

Checks daily. Never interrupts.

Building with a team?

Something bigger is coming.

Get notified

Run anything. Break nothing.

Start sandboxing your AI agents in 30 seconds.

Because you shouldn't need a Time Machine backup to use AI.

Install Cleat Read the docs

 $ curl -fsSL https://cleat.sh/install | bash