diff --git a/codex-rs/core/src/features.rs b/codex-rs/core/src/features.rs
index 3f6756667a..032d7ec744 100644
--- a/codex-rs/core/src/features.rs
+++ b/codex-rs/core/src/features.rs
@@ -474,6 +474,13 @@ pub const FEATURES: &[FeatureSpec] = &[
     FeatureSpec {
         id: Feature::UseLinuxSandboxBwrap,
         key: "use_linux_sandbox_bwrap",
+        #[cfg(target_os = "linux")]
+        stage: Stage::Experimental {
+            name: "Bubblewrap sandbox",
+            menu_description: "Try the new linux sandbox based on bubblewrap.",
+            announcement: "NEW: Linux bubblewrap sandbox offers stronger filesystem and network controls than Landlock alone, including keeping .git and .codex read-only inside writable workspaces. Enable it in /experimental and restart Codex to try it.",
+        },
+        #[cfg(not(target_os = "linux"))]
         stage: Stage::UnderDevelopment,
         default_enabled: false,
     },
@@ -652,4 +659,24 @@ mod tests {
             }
         }
     }
+
+    #[cfg(target_os = "linux")]
+    #[test]
+    fn use_linux_sandbox_bwrap_is_experimental_on_linux() {
+        assert!(matches!(
+            Feature::UseLinuxSandboxBwrap.stage(),
+            Stage::Experimental { .. }
+        ));
+        assert_eq!(Feature::UseLinuxSandboxBwrap.default_enabled(), false);
+    }
+
+    #[cfg(not(target_os = "linux"))]
+    #[test]
+    fn use_linux_sandbox_bwrap_is_under_development_off_linux() {
+        assert_eq!(
+            Feature::UseLinuxSandboxBwrap.stage(),
+            Stage::UnderDevelopment
+        );
+        assert_eq!(Feature::UseLinuxSandboxBwrap.default_enabled(), false);
+    }
 }