Skip to content

Instantly share code, notes, and snippets.

@roelven

roelven/Dockerfile

Last active December 20, 2025 12:26
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save roelven/1a1c8b8eff6d47b29806fbb662ee2a87 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save roelven/1a1c8b8eff6d47b29806fbb662ee2a87 to your computer and use it in GitHub Desktop.
Download ZIP
Example Agent Yolo Loop - Run a loop so that an LLM agent can iterate on your code
Raw
README.md

Claude Iteration Runner (YOLO Mode)

This repository demonstrates a fully sandboxed, iterative Claude Code workflow that repeatedly improves a codebase (in this case, a small HTML game) using the Claude Code CLI with --dangerously-skip-permissions, while still maintaining strong isolation from the host system.

The key idea is:

  • Claude can aggressively modify the project
  • but cannot escape the repository boundary
  • and runs with enterprise credentials (Anthropic + GCP/Vertex) in a controlled way

Directory structure

.
├── claude-iteration/        # The actual project Claude iterates on
│   ├── wizard-platformer.html   # Original starting point (the game)
│   ├── *.md / *.txt             # Auto-generated features, notes, summaries
│   └── YOLO_RUN_9_SUMMARY.md     # Example iteration summary
├── Dockerfile               # Container definition (non-root user + Claude Code)
└── run-yolo.sh              # Driver script (outside the project itself)

Everything inside claude-iteration/ is treated as mutable input/output for the agent.
Everything outside it is control infrastructure.

How it works (high level)

  1. Docker sandbox

    • A Docker image installs:
      • Node 18
      • @anthropic-ai/claude-code
      • git
    • A non-root user is created (llm) so Claude allows --dangerously-skip-permissions.

  2. Strict filesystem boundary

    • Only claude-iteration/ is mounted as /workspace (read/write).
    • The driver script (run-yolo.sh) is mounted read-only.
    • Credentials are mounted explicitly (Claude + GCP), nothing else.

  3. Iteration loop

    • run-yolo.sh:
      • Invokes Claude with a fixed prompt
      • Lets Claude modify files freely inside /workspace
      • Commits each change automatically
      • Repeats for N iterations

  4. Result

    • A fast, autonomous “YOLO loop” that evolves a project over time
    • Full git history preserved
    • No risk of Claude touching unrelated host files

Prerequisites

On the host machine:

  • Docker
  • Node 18+ (only needed if you want to run Claude locally)
  • Claude Code CLI login completed once: 
    npm install -g @anthropic-ai/claude-code
claude
  • GCP credentials set up for Vertex: 
    gcloud auth application-default login

Dockerfile (important detail)

The Dockerfile must:

  • Install Claude Code
  • Run as a non-root user

This is required because Claude Code explicitly refuses --dangerously-skip-permissions when run as root.

Running it

From the repo root:

docker build -t claude-code-yolo .

Then run:

docker run --rm -it   -v "$PWD/claude-iteration:/workspace"   -v "$PWD/run-yolo.sh:/home/llm/run-yolo.sh:ro"   -v "$HOME/.claude:/home/llm/.claude:rw"   -v "$HOME/.claude.json:/home/llm/.claude.json:ro"   -v "$HOME/.config/gcloud:/home/llm/.config/gcloud:ro"   -w /workspace   claude-code-yolo   bash -lc "/home/llm/run-yolo.sh /workspace"

What this does:

  • Claude runs with your existing credentials
    • GCP/Vertex works via Application Default Credentials
  • Claude can only read/write /workspace

The driver script (run-yolo.sh)

Key properties:

  • Lives outside the project being modified
  • Never committed by Claude
  • Fully deterministic loop

Typical flow per iteration:

  1. Call Claude with a fixed prompt
  2. Stage all changes
  3. Commit if anything changed
  4. Repeat

Safety notes

This setup intentionally uses --dangerously-skip-permissions.

Safety comes from:

  • Docker filesystem isolation
  • Non-root execution
  • Explicit credential mounts
  • No host home directory access

Claude cannot:

  • Read arbitrary host files
  • Access SSH keys
  • Modify anything outside /workspace and mounted credential directories

If someone else wants to try this

  1. Clone the repo
  2. Create their own claude-iteration/ project (any codebase)
  3. Log into Claude Code once on the host
  4. Ensure GCP ADC is configured (if using Vertex)
  5. Build the Docker image
  6. Run the container command above

That’s it.

Why this is useful

  • Rapid autonomous refactoring
  • Game or prototype evolution
  • Stress-testing ideas
  • Generating alternative implementations
  • Exploring “what if we let the agent loose?” safely

Use responsibly.

Raw
Dockerfile
FROM node:18-bullseye
# Install tooling
RUN apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get install -y \
git \
ca-certificates \
bash && \
rm -rf /var/lib/apt/lists/*
# Install Claude Code CLI
RUN npm install -g @anthropic-ai/claude-code
# Create a non-root user `llm`
RUN useradd -ms /bin/bash llm
# Give it a working directory
WORKDIR /workspace
# Switch to that user for all container commands
USER llm
ENTRYPOINT ["bash"]
Raw
run-yolo.sh
#!/usr/bin/env bash
set -euo pipefail
REPO_DIR="${1:?Usage: $0 /Users/roel/Code/llm-runner/claude-iteration}"
PROMPT="You are a creative game engineer. I want you to go over this codebase and improve this game. Make it more fun. Don't ask me any questions."
MAX_ITERS=200
cd "$REPO_DIR"
for i in $(seq 1 "$MAX_ITERS"); do
claude --dangerously-skip-permissions -p "$PROMPT"
git add -A
if git diff --cached --quiet; then
echo "No changes this round, skipping commit."
else
git commit --no-verify -m "yolo run #$i: $PROMPT"
fi
done
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment