diff --git a/common/sandboxed-workspace/base.nix b/common/sandboxed-workspace/base.nix
index 10be233..38b1339 100644
--- a/common/sandboxed-workspace/base.nix
+++ b/common/sandboxed-workspace/base.nix
@@ -114,6 +114,7 @@ in
 # Enable flakes
 nix.settings.experimental-features = [ "nix-command" "flakes" ];
+ nix.settings.trusted-users = [ "googlebot" ];
 # Make nixpkgs available in NIX_PATH and registry (like the NixOS ISO)
 # This allows `nix-shell -p`, `nix repl ''`, etc. to work
diff --git a/common/sandboxed-workspace/incus.nix b/common/sandboxed-workspace/incus.nix
index 17565b2..0e3f2cb 100644
--- a/common/sandboxed-workspace/incus.nix
+++ b/common/sandboxed-workspace/incus.nix
@@ -32,6 +32,9 @@ let
 networking.useHostResolvConf = false;
 nixpkgs.config.allowUnfree = true;
+ # Incus containers don't support the kernel features nix sandbox requires
+ nix.settings.sandbox = false;
+
 environment.systemPackages = [
 (lib.hiPrio (pkgs.writeShellScriptBin "claude" ''
 exec ${pkgs.claude-code}/bin/claude --dangerously-skip-permissions "$@"
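Review bot: The added `nix.settings.trusted-users = [ "googlebot" ];` line in base.nix carries no comment explaining why the workspace user needs it, and a trusted user is effectively root with respect to the Nix daemon: it can add substituters, import unsigned store paths and override daemon settings per invocation. Because this is the shared base module, it presumably applies to every sandbox backend, so the exposure depends on whether any backend shares the daemon socket or store with the host, which this hunk does not show. If the goal is only to allow extra binary caches, listing them under `nix.settings.trusted-substituters` with their keys in `trusted-public-keys` is narrower. Otherwise document the assumption next to the setting, e.g. `# googlebot is root-equivalent to this guest's nix daemon; daemon and store must not be shared with the host`. The enclosing attribute set starts and ends outside the hunk.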
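Review bot: `nix.settings.sandbox = false;` in incus.nix turns build isolation off for every derivation built in the guest, so build scripts get network access and can read whatever the container has mounted, and the new comment does not say that. The context lines show the `claude` wrapper running with `--dangerously-skip-permissions`, so builds here are started without per-command confirmation, which makes the container boundary the only isolation left. The comment should name the missing kernel feature (presumably nested user or mount namespaces, to be confirmed) and the consequence, e.g. `# nix sandbox needs nested namespaces this Incus profile does not allow; builds in this guest are NOT isolated`. It is worth checking whether enabling `security.nesting` on the instance lets the sandbox stay on. The `let` binding this sits in continues outside the hunk.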