Comment by kvdveer
17 hours ago
A disposable sandbox won't protect you from secret exfiltration. Assuming you don't consider your code a secret, you could of course set up your sandbox so it doesn't have any secrets, but that would severely limit the kinds of tasks you can use the agent for.
<< that would severely limit the kinds of tasks you can use the agent for.
Are we just talking about API calls to providers? If so, wouldn't local agent + sandbox solve all that?
On the one hand, you can set up a proxy that supplements secrets for API calls. On the other hand, you can whitelist what you need, in the simplest case with iptables (the devcontainer in the claude code repo is an example of the latter).
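A sketch of the first option mentioned above, a secret-supplementing egress proxy, as an added example that is not part of the thread and not the devcontainer from the claude code repo. It assumes a sandboxed agent that is only allowed to talk to this proxy, sends plain HTTP to it with a placeholder token (`PROXY_PLACEHOLDER_OPENAI` is a constructed name), and an allowlist of upstream hosts (`api.example.com` is a constructed host). The proxy swaps the placeholder for the real key, which lives only in the proxy's environment (`REAL_API_KEY`, an assumed variable name), and opens the TLS connection upstream itself. The allowlist check and the header rewrite are separate functions so they can be tested on their own.

```python
"""Secret-injecting egress proxy for a sandboxed agent (added example, not from the thread).

The sandbox never holds the real API key: it sends requests containing a
placeholder to this proxy, and the proxy substitutes the secret before
forwarding to an allowlisted host over HTTPS. Because the proxy deliberately
does not implement CONNECT, the agent cannot tunnel opaque TLS through it.
"""
import http.client
import os
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer
from urllib.parse import urlsplit

# Constructed allowlist: the only upstream hosts the agent may reach.
ALLOWED_HOSTS = {"api.example.com"}

# Placeholder -> real secret. The real value comes from the proxy's own
# environment (assumed variable name), so it is never inside the sandbox.
SECRETS = {"PROXY_PLACEHOLDER_OPENAI": os.environ.get("REAL_API_KEY", "")}


def host_allowed(host, allowlist=ALLOWED_HOSTS):
    """Exact-match allowlist check; normalises case and a trailing dot."""
    return host.lower().rstrip(".") in allowlist


def inject_secrets(headers, secrets=SECRETS):
    """Return a copy of the headers with every placeholder replaced by its secret."""
    rewritten = {}
    for name, value in headers.items():
        for placeholder, secret in secrets.items():
            value = value.replace(placeholder, secret)
        rewritten[name] = value
    return rewritten


class SecretInjectingProxy(BaseHTTPRequestHandler):
    """Forward proxy: absolute-URI requests in, HTTPS requests to allowlisted hosts out."""

    def do_GET(self):
        self._forward()

    def do_POST(self):
        self._forward()

    def _forward(self):
        url = urlsplit(self.path)  # forward-proxy requests carry an absolute URI
        if not url.hostname or not host_allowed(url.hostname):
            self.send_error(403, "host not in egress allowlist")
            return

        length = int(self.headers.get("Content-Length", 0))
        body = self.rfile.read(length) if length else None

        # Rewrite placeholders, drop proxy-only hop-by-hop headers.
        headers = inject_secrets(dict(self.headers.items()))
        headers.pop("Proxy-Connection", None)

        path = url.path or "/"
        if url.query:
            path += "?" + url.query

        # The proxy, not the sandbox, owns the TLS session to the provider.
        conn = http.client.HTTPSConnection(url.hostname, url.port or 443, timeout=30)
        conn.request(self.command, path, body=body, headers=headers)
        resp = conn.getresponse()
        data = resp.read()
        conn.close()

        self.send_response(resp.status)
        for name, value in resp.getheaders():
            if name.lower() not in ("transfer-encoding", "connection", "content-length"):
                self.send_header(name, value)
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)


def main(listen=("127.0.0.1", 8080)):
    """Run the proxy; point the sandbox at it with HTTP_PROXY=http://127.0.0.1:8080."""
    ThreadingHTTPServer(listen, SecretInjectingProxy).serve_forever()


if __name__ == "__main__":
    main()
```

Inside the sandbox the agent calls `http://api.example.com/...` with `Authorization: Bearer PROXY_PLACEHOLDER_OPENAI` and `HTTP_PROXY` set to the proxy address; pair this with an iptables rule set in the sandbox that permits egress only to the proxy, so the second option in the comment (whitelisting) closes the path around the proxy. Anything the agent is tricked into printing or posting elsewhere contains only the placeholder.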