Comparisons
SCC CLI takes a specific approach to running AI coding agents: container-based sandboxing with centralized team governance. This section compares that approach to other common setups.
Comparison Guides
Section titled “Comparison Guides” SCC vs Local Agent Compare sandboxed execution to running agents directly on your machine
SCC vs Dev Containers Compare SCC's agent-specific governance to generic dev container workflows
SCC vs Manual Docker Compare SCC's automated setup to manually configuring Docker for AI coding agents
What Makes SCC Different
Section titled “What Makes SCC Different”SCC is purpose-built for running AI coding agents in teams. It combines:
| Capability | What SCC Provides |
|---|---|
| Container Isolation | Every session runs in an OCI container — the agent cannot access host files outside mounted paths |
| Multi-Provider | Run Claude Code, Codex, or both through the same governed pipeline; switch per session |
| Team Profiles | Org admins define plugins, MCP servers, and policies; developers run scc setup once |
| Built-in Safety | Fail-closed safety engine blocks destructive git commands and network tools |
| Network Enforcement | Topology-enforced web egress via proxy sidecar, not just env vars |
| Git Worktrees | Create isolated branches for each AI task without polluting main |
| Plugin Governance | Approve or block plugins at the org level; security blocks are absolute |
Which Approach Fits Your Needs?
Section titled “Which Approach Fits Your Needs?”| If you need… | Consider |
|---|---|
| Maximum isolation and team governance | SCC CLI |
| Simple local development (solo) | Local agent (Claude Code or Codex directly) |
| Containerized IDE experience | Dev Containers + SCC or local agent |
| Full control over Docker configuration | Manual Docker setup |
Next Steps
Section titled “Next Steps” Quick Start Try SCC in minutes
Security Model Understand SCC's isolation layers