Mike McQuaid on SandVault and git worktrees

Mike McQuaid is the project leader for Homebrew, the package manager for macOS all developers use.

He handles more pull-requests from open-source developers than the rest us will ever need to address, and uses AI to manage the workload.

The main problem you’ll bump into pretty quickly with agents is: you have to spend half your life going “Yes, do this safe thing”, “No, don’t do this dangerous thing”. This is boring and slow.

If you want to be actually productive with these tools you basically have two options:

1. decide you’re just going to play with fire and disable permissions and hope nothing goes wrong
2. run in a sandboxed environment e.g. a VM, separate machine, sandbox with reduced (system) permissions, access, tokens, etc.

I picked option 2 because I take my responsibility as a Homebrew maintainer seriously to not do stupid insecure shit on my machine.

sandvault is the nicest middle ground I’ve come across. It makes use of macOS sandboxes and creates and maintains a separate non-admin user account where you can let it run wild. Short of exfiltrating your code (which I’m not worried about with OSS), it closes the majority of risk vectors I care about...

https://mikemcquaid.com/sandboxed-agent-worktrees-my-coding-and-ai-setup-in-2026/