Crate deck_sandbox

deck-sandbox — the ICE.

Wraps a child process (an MCP server) with a seccomp BPF filter and a landlock filesystem ruleset. On non-Linux targets, this crate degrades to a no-op stub so the workspace still builds; there, the enforces function reports false and --sandbox-strict will refuse to launch untrusted servers.

This is the one feature that distinguishes ono-sendai from every other LLM TUI on GitHub: you can run an untrusted MCP server and trust that, at worst, it can only touch the paths you whitelisted.

Re-exports

pub use profile::SandboxProfile;

Modules

profile
Sandbox profile description, decoupled from any kernel API.

Structs

PlatformSandbox

Functions

availability
Short human-readable tag for diagnostics (doctor subcommand).
enforces
true if the host kernel actually enforces a policy when we apply one.