ork:doctor — Check 15: CC Bash-sandbox posture

OrchestKit ships no sandbox (isolation is the harness's job). But Claude Code has a native Bash-sandbox you can turn on — and most people don't know it exists. This check surfaces the posture and nudges it.

Honest limits — doctor states these in the output

  • Bash-only. Confines Bash subprocesses. Read/Write tools, MCP, and hooks run unsandboxed. Raises the floor, not full containment.
  • ~/.ssh readable by default unless sandbox.filesystem.denyRead is set — the nudge includes it.
  • No detection API. settings.local.json is the only signal; a CLI-flag sandbox reads as "not configured".
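A sketch of the posture classification these limits imply, as an added example and not OrchestKit's own code. The `sandbox.enabled` key name, the state labels, the nudge wording, and the treatment of `denyRead` entries as plain path strings are assumptions; only `settings.local.json` and `sandbox.filesystem.denyRead` come from the page.

```python
import json

def covers_ssh(deny_read):
    """True if a denyRead entry names the whole ~/.ssh directory.
    Assumption: entries are path strings, optionally ending in / or a glob."""
    return isinstance(deny_read, list) and any(
        isinstance(p, str) and p.rstrip("/*") == "~/.ssh" for p in deny_read
    )

def sandbox_posture(settings_text):
    """Return (state, nudges) from the raw text of settings.local.json.
    Pass None when the file does not exist."""
    if settings_text is None:
        return "not configured", ["add a sandbox block to settings.local.json"]
    try:
        settings = json.loads(settings_text)
    except json.JSONDecodeError:
        return "unreadable", ["settings.local.json is not valid JSON"]
    sandbox = settings.get("sandbox") if isinstance(settings, dict) else None
    if not isinstance(sandbox, dict):
        # Also the result when the sandbox was enabled by CLI flag: the file
        # is the only signal, so that case cannot be told apart from "off".
        return "not configured", ["add a sandbox block to settings.local.json"]
    if sandbox.get("enabled") is not True:  # "enabled" is an assumed key name
        return "disabled", ["set sandbox.enabled to true"]
    fs = sandbox.get("filesystem")
    deny = fs.get("denyRead") if isinstance(fs, dict) else None
    if not covers_ssh(deny):
        return "enabled, ~/.ssh readable", ["add ~/.ssh to sandbox.filesystem.denyRead"]
    return "enabled, ~/.ssh denied", []

# Constructed sample files, not taken from a real machine.
SAMPLES = {
    "absent": None,
    "no sandbox key": '{"permissions": {}}',
    "enabled only": '{"sandbox": {"enabled": true}}',
    "hardened": '{"sandbox": {"enabled": true, "filesystem": {"denyRead": ["~/.ssh"]}}}',
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        state, nudges = sandbox_posture(text)
        print(f"{name}: {state}" + (f" -> {'; '.join(nudges)}" if nudges else ""))
```

A denyRead entry for a single key file (for example `~/.ssh/id_rsa`) is deliberately not counted as covering the directory, so the nudge still fires.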