A pre-configured Docker-based development container for Claude Code with security isolation, enabling --dangerously-skip-permissions safely.
Reference: github.com/anthropics/claude-code/.devcontainer
- Install VS Code + Remote - Containers extension
- Clone the Claude Code reference repo
- Open in VS Code
- Click "Reopen in Container" (or
Cmd+Shift+P→ "Remote-Containers: Reopen in Container")
| File | Purpose |
|---|---|
devcontainer.json |
Container settings, extensions, volume mounts |
Dockerfile |
Container image and installed tools |
init-firewall.sh |
Network security rules (firewall setup) |
- Node.js 20 base image with dev dependencies
- Git, ZSH with productivity enhancements, fzf
- Pre-configured VS Code extensions and settings
- Session persistence (history/config survives container restarts)
- Works on macOS, Windows, Linux
- Default-deny firewall: blocks all external traffic except allowlisted domains (npm, GitHub, Claude API, etc.)
- Outbound DNS and SSH permitted
- Startup verification: firewall rules validated on container init
- Isolated from host system
Because of this isolation, you can safely run:
claude --dangerously-skip-permissionsWarning: even with isolation, a malicious project could exfiltrate anything accessible inside the container, including Claude Code credentials. Only use with trusted repositories.
- Add/remove VS Code extensions
- Adjust resource allocations
- Modify network access (expand/restrict allowed domains)
- Customize shell config and developer tooling
| Scenario | Benefit |
|---|---|
| Secure client work | Isolate projects so code/credentials don't mix |
| Team onboarding | Fully configured environment in minutes |
| CI/CD consistency | Mirror devcontainer config in pipelines |
Source: devcontainer.md