Sandbox config — repo, env vars, and network egress.
Domains, wildcards (*.example.com), IPs, CIDRs for allow; IPs/CIDRs only for deny. Allow takes precedence.
Files placed in the sandbox at session start. Useful for config files like .claude/settings.json.