refactor\!: remove sandbox system and simplify agent architecture

Remove the entire sandbox security system including:
- All sandbox-related Rust code and dependencies (gaol crate)
- Sandbox command handlers and platform-specific implementations
- Comprehensive test suite for sandbox functionality
- Agent sandbox settings UI components

Simplify agent configuration by removing sandbox and permission fields:
- Remove sandbox_enabled, enable_file_read, enable_file_write, enable_network from agent configs
- Update all CC agents to use simplified configuration format
- Remove sandbox references from documentation and UI

BREAKING CHANGE: Existing agent configurations will need to be updated to remove sandbox-related fields. Agent execution model has changed from sandboxed to simple process isolation.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

Author: 123vivekr

README.md

@@ -37,7 +37,7 @@ Think of Claudia as your command center for Claude Code - bridging the gap betwe
 - [✨ Features](#-features)
   - [🗂️ Project & Session Management](#️-project--session-management)
   - [🤖 CC Agents](#-cc-agents)
-  - [🛡️ Advanced Sandboxing](#️-advanced-sandboxing)
+  
   - [📊 Usage Analytics Dashboard](#-usage-analytics-dashboard)
   - [🔌 MCP Server Management](#-mcp-server-management)
   - [⏰ Timeline & Checkpoints](#-timeline--checkpoints)
@@ -67,14 +67,10 @@ Think of Claudia as your command center for Claude Code - bridging the gap betwe
 ### 🤖 **CC Agents**
 - **Custom AI Agents**: Create specialized agents with custom system prompts and behaviors
 - **Agent Library**: Build a collection of purpose-built agents for different tasks
-- **Secure Execution**: Run agents in sandboxed environments with fine-grained permissions
+- **Background Execution**: Run agents in separate processes for non-blocking operations
 - **Execution History**: Track all agent runs with detailed logs and performance metrics
 
-### 🛡️ **Advanced Sandboxing**
-- **OS-Level Security**: Platform-specific sandboxing (seccomp on Linux, Seatbelt on macOS)
-- **Permission Profiles**: Create reusable security profiles with granular access controls
-- **Violation Tracking**: Monitor and log all security violations in real-time
-- **Import/Export**: Share sandbox profiles across teams and systems
+
 
 ### 📊 **Usage Analytics Dashboard**
 - **Cost Tracking**: Monitor your Claude API usage and costs in real-time
@@ -127,7 +123,7 @@ CC Agents → Create Agent → Configure → Execute
 
 1. **Design Your Agent**: Set name, icon, and system prompt
 2. **Configure Model**: Choose between available Claude models
-3. **Set Sandbox Profile**: Apply security restrictions
+3. **Set Permissions**: Configure file read/write and network access
 4. **Execute Tasks**: Run your agent on any project
 
 ### Tracking Usage
@@ -351,8 +347,8 @@ claudia/
 ├── src-tauri/             # Rust backend
 │   ├── src/
 │   │   ├── commands/      # Tauri command handlers
-│   │   ├── sandbox/       # Security sandboxing
-│   │   └── checkpoint/    # Timeline management
+│   │   ├── checkpoint/    # Timeline management
+│   │   └── process/       # Process management
 │   └── tests/             # Rust test suite
 └── public/                # Public assets
 ```
@@ -378,13 +374,13 @@ cd src-tauri && cargo fmt
 
 ## 🔒 Security
 
-Claudia implements multiple layers of security:
+Claudia prioritizes your privacy and security:
 
-1. **Process Isolation**: Agents run in separate sandboxed processes
-2. **Filesystem Access Control**: Whitelist-based file access
-3. **Network Restrictions**: Control external connections
-4. **Audit Logging**: All security violations are logged
-5. **No Data Collection**: Everything stays local on your machine
+1. **Process Isolation**: Agents run in separate processes
+2. **Permission Control**: Configure file and network access per agent
+3. **Local Storage**: All data stays on your machine
+4. **No Telemetry**: No data collection or tracking
+5. **Open Source**: Full transparency through open source code
 
 ## 🤝 Contributing
 

cc_agents/README.md

@@ -16,11 +16,11 @@
 
 ## 📦 Available Agents
 
-| Agent | Model | Permissions | Description | Default Task |
-|-------|-------|-------------|-------------|--------------|
-| **🎯 Git Commit Bot**<br/>🤖 `bot` | <img src="https://img.shields.io/badge/Sonnet-blue?style=flat-square" alt="Sonnet"> | ✅ File Read<br/>✅ File Write<br/>✅ Network<br/>❌ Sandbox | **Automate your Git workflow with intelligent commit messages**<br/><br/>Analyzes Git repository changes, generates detailed commit messages following Conventional Commits specification, and pushes changes to remote repository. | "Push all changes." |
-| **🛡️ Security Scanner**<br/>🛡️ `shield` | <img src="https://img.shields.io/badge/Opus-purple?style=flat-square" alt="Opus"> | ✅ File Read<br/>✅ File Write<br/>❌ Network<br/>❌ Sandbox | **Advanced AI-powered Static Application Security Testing (SAST)**<br/><br/>Performs comprehensive security audits by spawning specialized sub-agents for: codebase intelligence gathering, threat modeling (STRIDE), vulnerability scanning (OWASP Top 10, CWE), exploit validation, remediation design, and professional report generation. | "Review the codebase for security issues." |
-| **🧪 Unit Tests Bot**<br/>💻 `code` | <img src="https://img.shields.io/badge/Opus-purple?style=flat-square" alt="Opus"> | ✅ File Read<br/>✅ File Write<br/>❌ Network<br/>❌ Sandbox | **Automated comprehensive unit test generation for any codebase**<br/><br/>Analyzes codebase and generates comprehensive unit tests by: analyzing code structure, creating test plans, writing tests matching your style, verifying execution, optimizing coverage (>80% overall, 100% critical paths), and generating documentation. | "Generate unit tests for this codebase." |
+| Agent | Model | Description | Default Task |
+|-------|-------|-------------|--------------|
+| **🎯 Git Commit Bot**<br/>🤖 `bot` | <img src="https://img.shields.io/badge/Sonnet-blue?style=flat-square" alt="Sonnet"> | **Automate your Git workflow with intelligent commit messages**<br/><br/>Analyzes Git repository changes, generates detailed commit messages following Conventional Commits specification, and pushes changes to remote repository. | "Push all changes." |
+| **🛡️ Security Scanner**<br/>🛡️ `shield` | <img src="https://img.shields.io/badge/Opus-purple?style=flat-square" alt="Opus"> | **Advanced AI-powered Static Application Security Testing (SAST)**<br/><br/>Performs comprehensive security audits by spawning specialized sub-agents for: codebase intelligence gathering, threat modeling (STRIDE), vulnerability scanning (OWASP Top 10, CWE), exploit validation, remediation design, and professional report generation. | "Review the codebase for security issues." |
+| **🧪 Unit Tests Bot**<br/>💻 `code` | <img src="https://img.shields.io/badge/Opus-purple?style=flat-square" alt="Opus"> | **Automated comprehensive unit test generation for any codebase**<br/><br/>Analyzes codebase and generates comprehensive unit tests by: analyzing code structure, creating test plans, writing tests matching your style, verifying execution, optimizing coverage (>80% overall, 100% critical paths), and generating documentation. | "Generate unit tests for this codebase." |
 
 ### Available Icons
 
@@ -76,11 +76,7 @@ All agents are stored in `.claudia.json` format with the following structure:
     "icon": "bot",
     "model": "opus|sonnet|haiku",
     "system_prompt": "Your agent's instructions...",
-    "default_task": "Default task description",
-    "sandbox_enabled": false,
-    "enable_file_read": true,
-    "enable_file_write": true,
-    "enable_network": false
+    "default_task": "Default task description"
   }
 }
 ```
@@ -109,9 +105,8 @@ The agent import/export system is built on a robust architecture:
 
 1. **Version Control**: Each agent export includes version metadata
 2. **Duplicate Prevention**: Automatic naming conflict resolution
-3. **Permission System**: Granular control over file, network, and sandbox access
-4. **Model Selection**: Choose between Opus, Sonnet, and Haiku models
-5. **GitHub Integration**: Direct import from the official repository
+3. **Model Selection**: Choose between Opus, Sonnet, and Haiku models
+4. **GitHub Integration**: Direct import from the official repository
 
 ## 🤝 Contributing
 
@@ -133,7 +128,6 @@ Export your agent to a `.claudia.json` file with a descriptive name.
 
 - **Single Purpose**: Each agent should excel at one specific task
 - **Clear Documentation**: Write comprehensive system prompts
-- **Safe Defaults**: Be conservative with permissions
 - **Model Choice**: Use Haiku for simple tasks, Sonnet for general purpose, Opus for complex reasoning
 - **Naming**: Use descriptive names that clearly indicate the agent's function
 
@@ -145,4 +139,4 @@ These agents are provided under the same license as the Claudia project. See the
 
 <div align="center">
   <strong>Built with ❤️ by the Claudia community</strong>
-</div> 
+</div> 

cc_agents/git-commit-bot.claudia.json

@@ -1,15 +1,11 @@
 {
   "agent": {
     "default_task": "Push all changes.",
-    "enable_file_read": true,
-    "enable_file_write": true,
-    "enable_network": true,
     "icon": "bot",
     "model": "sonnet",
     "name": "Git Commit Bot",
-    "sandbox_enabled": false,
     "system_prompt": "<task>\nYou are a Git Commit Push bot. Your task is to analyze changes in a git repository, write a detailed commit message following the Conventional Commits specification, and push the changes to git.\n</task>\n\n# Instructions\n\n<instructions>\nAnalyze the changes shown in the git diff and status outputs. Pay attention to:\n1. Which files were modified, added, or deleted\n2. The nature of the changes (e.g., bug fixes, new features, refactoring)\n3. The scope of the changes (which part of the project was affected)\n\nBased on your analysis, write a commit message following the Conventional Commits specification:\n1. Use one of the following types: feat, fix, docs, style, refactor, perf, test, or chore\n2. Include a scope in parentheses if applicable\n3. Write a concise description in the present tense\n4. If necessary, add a longer description after a blank line\n5. Include any breaking changes or issues closed\n\nThen finally push the changes to git.\n</instructions>\n\n# Notes\n\n<notes>\n- Replace [branch_name] with the appropriate branch name based on the information in the git log. If you cannot determine the branch name, use \"main\" as the default.\n- Remember to think carefully about the changes and their impact on the project when crafting your commit message. Your goal is to provide a clear and informative record of the changes made to the repository.\n</notes>"
   },
   "exported_at": "2025-06-23T14:29:58.156063+00:00",
   "version": 1
-}
+}