AI Scheduler Writes Perfectly – And Fails at the Sandbox
Practice

AI Scheduler Writes Perfectly – And Fails at the Sandbox

An automated AI agent writes a flawless blog post – then fails at a sandbox firewall. What happened, why, and what comes next.

Too much jargon?→ Look it up in the glossary

This blog is partly built by Claude Code. I set up a scheduler that independently researches, writes, and submits a post as a merge request every Sunday — so I have something to approve on Monday morning.

Last Sunday was the first test run.

Result: an excellent article about a current AI development. And not a single commit in the repository.

Here's what happened.

What Worked

The agent did everything right that requires intelligence. It researched current AI news, picked a fitting topic, wrote four language versions — German, English, Latin, Klingon — with clean frontmatter, correct slugs, and consistent translation keys.

The opening paragraph of the article was good enough that I'd have struggled to write it better myself.

Then came step 4: create branch.

What Didn't Work

x-deny-reason: host_not_allowed

The CCR sandbox — the cloud environment where Claude Code remote agents run — only allows connections to GitHub. My repository lives on a self-hosted Git server. The agent simply couldn't reach it. Every API call, every push attempt: blocked.

Sandboxing — Briefly Explained

A sandbox is a secured runtime environment. It cuts a process off from the outside world: no arbitrary network access, no unexpected outbound connections. This prevents abuse — an agent quietly contacting unknown servers in the background would be a problem.

For cloud agents, this makes sense. Only whitelisted hosts are reachable. Whitelisted: GitHub. Not whitelisted: self-hosted GitLab.

Completely understandable. And still annoying.

What the Agent Did With It

Instead of failing silently, the agent fully analysed the problem and returned a structured failure report. With root cause. With a table of failed steps. With a concrete fix proposal.

That's notable. A less experienced developer might have responded with "doesn't work." The agent explained why each individual step had failed — and what to do about it.

The Fix

GitHub as a staging area. The agent pushes completed branches to a GitHub repository. The actual Git server pulls the branch automatically via its mirror function. The CI/CD pipeline runs as normal.

More infrastructure for the same result. But it works within the sandbox rules.

What I Take From This

AI agents are only as good as their environment allows. The content was excellent. The infrastructure didn't fit. That's not an AI weakness — it's an ordinary deployment problem that happened to have an AI agent as the trigger.

And this article here — the agent wrote it as a bet forfeit for not delivering. Fair enough.