How we contain Claude across products

Anthropic has published a detailed overview of their sandboxing techniques employed across their products, including Claude.ai, Claude Code, and Claude Cowork. The architecture utilizes gVisor for Claude.ai, Seatbelt on macOS, and Bubblewrap on Linux for Claude Code, while Claude Cowork operates within a full VM environment. This documentation is significant for AI practitioners as it outlines the security measures in place to prevent data exfiltration and provides insights into the robustness of their sandboxing strategies, which can inform best practices in developing secure AI applications.