Comment by edouard-harris
12 hours ago
> The agents have sandboxes, but those are loose. Not enforced by anything outside of the agent harness itself.
You might want to check out Ant's open source srt [0], I use it to contain my local coding agents. It's strict by default and enforced at the OS layer.
[0] https://github.com/anthropic-experimental/sandbox-runtime
What benefit does running it locally have over parent's solution of running it in a container in a VM?
I do the same: my agents run in a hardened VM on a hardened Linux machine in a separated network in my basement. The magic of ssh makes this setup transparent for me on my desktop. But it is extremely hard for my agent to do nasty things.