Decision
Drop the llm-box hardened-Ollama Docker sandbox entirely, as a dedicated standalone PR so a future re-add can simply revert the removal PR for full context. Owner-decided 2026-06-15.
Why
Phase 2 ships the bundled built-in llama-server engine, which is now Thuki's local/private inference story: fully local, localhost-only, zero external install. llm-box was the "hardened local inference" option back when Ollama was the only backend; the built-in engine supersedes its core value for essentially all users.
It is now a niche-of-a-niche: a hardened Docker variant of the optional Ollama provider, marketed in the README as a security feature right next to a default engine that is already local. The messaging competes with itself, and removing it keeps the "built-in plus native Ollama" story lean (local-first simplification, consistent with the broader Phase 2 direction).
What we lose (honest trade-off, recorded for a future re-add)
The Docker container provides process-level isolation the built-in engine does not: cap_drop: ALL, read-only model volume, no-new-privileges, localhost-only networking. The bundled llama-server runs as a plain child process. So for a genuinely regulated or security-paranoid user, the sandbox offered real isolation the built-in engine cannot match. It also doubled as a contributor convenience for testing the Ollama provider without a native Ollama install. If that audience or that convenience becomes important again, revert this PR.
Scope (remove)
sandbox/llm-box/ (the docker-compose.yml and README.md).package.json scripts: llm-box:start, llm-box:stop.README.md: the "Isolated sandbox" feature bullet (around L82) and the full "Docker sandbox" section (around L150-166).CONTRIBUTING.md: the llm-box testing instructions (around L79-85); reframe to "test the Ollama provider with a native Ollama install (ollama pull ...)".CLAUDE.md: the sandbox/llm-box/ description in the Sandbox section.- Any other stray references: grep
llm-box afterward to confirm none remain.
Leave untouched: sandbox/search-box/. That is the /search feature's SearXNG and reader stack, unrelated to inference.
Constraints
Re-add path
This is intentionally a standalone removal PR: to bring llm-box back later, revert the PR. That restores the compose file, scripts, and all docs in one move, with this issue as the rationale record.
Decision
Drop the
llm-boxhardened-Ollama Docker sandbox entirely, as a dedicated standalone PR so a future re-add can simply revert the removal PR for full context. Owner-decided 2026-06-15.Why
Phase 2 ships the bundled built-in
llama-serverengine, which is now Thuki's local/private inference story: fully local, localhost-only, zero external install.llm-boxwas the "hardened local inference" option back when Ollama was the only backend; the built-in engine supersedes its core value for essentially all users.It is now a niche-of-a-niche: a hardened Docker variant of the optional Ollama provider, marketed in the README as a security feature right next to a default engine that is already local. The messaging competes with itself, and removing it keeps the "built-in plus native Ollama" story lean (local-first simplification, consistent with the broader Phase 2 direction).
What we lose (honest trade-off, recorded for a future re-add)
The Docker container provides process-level isolation the built-in engine does not:
cap_drop: ALL, read-only model volume,no-new-privileges, localhost-only networking. The bundledllama-serverruns as a plain child process. So for a genuinely regulated or security-paranoid user, the sandbox offered real isolation the built-in engine cannot match. It also doubled as a contributor convenience for testing the Ollama provider without a native Ollama install. If that audience or that convenience becomes important again, revert this PR.Scope (remove)
sandbox/llm-box/(thedocker-compose.ymlandREADME.md).package.jsonscripts:llm-box:start,llm-box:stop.README.md: the "Isolated sandbox" feature bullet (around L82) and the full "Docker sandbox" section (around L150-166).CONTRIBUTING.md: thellm-boxtesting instructions (around L79-85); reframe to "test the Ollama provider with a native Ollama install (ollama pull ...)".CLAUDE.md: thesandbox/llm-box/description in the Sandbox section.llm-boxafterward to confirm none remain.Leave untouched:
sandbox/search-box/. That is the/searchfeature's SearXNG and reader stack, unrelated to inference.Constraints
.claude/worktrees/, branch offmain,git commit -s(title plus Signed-off-by only).bun run test:all:coverageandbun run validate-buildand confirm both are green.Re-add path
This is intentionally a standalone removal PR: to bring
llm-boxback later, revert the PR. That restores the compose file, scripts, and all docs in one move, with this issue as the rationale record.