[SECURITY] Sandboxing for untrusted agent code #40

@jwesleye

Feature Description

Run untrusted agents in sandboxed environment with restricted permissions.

Problem/Motivation

Running arbitrary agent code is risky. Need isolation for security.

Proposed Solution

chat_loop untrusted-agent --sandbox

# Restrictions:
# - No file system access outside temp dir
# - No network access (or whitelist)
# - Resource limits (CPU, memory)
# - Timeout enforcement

Could use:

  • Docker containers
  • Python restricted execution
  • OS-level sandboxing

Benefits

  • Safe experimentation
  • Security hardening
  • Trust boundaries
  • Protection from malicious code

Priority

  • Critical
  • High
  • Medium
  • Low
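An added example, not part of this issue or of the chat_loop project, showing how the listed restrictions map onto the OS-level and container routes: a Python runner that confines the agent process to a throwaway temp directory, applies CPU/memory rlimits in the child, enforces a wall-clock timeout and passes a minimal environment, plus a builder for the equivalent `docker run` flags (the plain runner gives no network isolation; that needs the container or a network namespace). Function names, default limits and the image name are assumptions.

```python
import os
import resource
import subprocess
import sys
import tempfile
from dataclasses import dataclass
from typing import List, Optional

PYTHON = sys.executable  # interpreter used when exercising the runner below

@dataclass
class SandboxResult:
    status: str            # "ok", "error" (non-zero exit) or "timeout"
    returncode: Optional[int]
    stdout: str
    stderr: str

def _apply_rlimits(cpu_seconds: int, memory_bytes: int) -> None:
    # Runs in the child right before exec(): cap CPU time and address space,
    # and disable core dumps so a crash cannot leave agent memory on disk.
    resource.setrlimit(resource.RLIMIT_CPU, (cpu_seconds, cpu_seconds))
    resource.setrlimit(resource.RLIMIT_AS, (memory_bytes, memory_bytes))
    resource.setrlimit(resource.RLIMIT_CORE, (0, 0))

def run_sandboxed(argv: List[str], *, timeout: float = 30.0, cpu_seconds: int = 10,
                  memory_bytes: int = 512 * 2**20) -> SandboxResult:
    """Run argv in a fresh temp dir with rlimits, a wall-clock timeout and a
    minimal environment (no inherited tokens or secrets). Hypothetical helper."""
    with tempfile.TemporaryDirectory(prefix="agent-") as workdir:
        env = {"PATH": os.environ.get("PATH", "/usr/bin:/bin"),
               "HOME": workdir, "TMPDIR": workdir}
        try:
            proc = subprocess.run(argv, cwd=workdir, env=env, stdin=subprocess.DEVNULL,
                                  capture_output=True, text=True, timeout=timeout,
                                  preexec_fn=lambda: _apply_rlimits(cpu_seconds, memory_bytes))
        except subprocess.TimeoutExpired:  # subprocess.run has already killed the child
            return SandboxResult("timeout", None, "", "")
    status = "ok" if proc.returncode == 0 else "error"
    return SandboxResult(status, proc.returncode, proc.stdout, proc.stderr)

def docker_sandbox_argv(image: str, argv: List[str], *, memory: str = "512m",
                        cpus: str = "1") -> List[str]:
    """Same restrictions on the container route: no network, read-only root fs with
    a small non-executable /tmp, memory/CPU/pid caps, no capabilities, unprivileged uid."""
    return ["docker", "run", "--rm", "--network", "none", "--read-only",
            "--tmpfs", "/tmp:rw,noexec,nosuid,size=64m", "--memory", memory,
            "--cpus", cpus, "--pids-limit", "64", "--cap-drop", "ALL",
            "--security-opt", "no-new-privileges", "--user", "65534:65534",
            image, *argv]
```

The docker variant still relies on the caller for the wall-clock timeout, since the runner's rlimits would apply to the docker client rather than to the container.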

Labels: enhancement (New feature or request); type: security (Security-related issue or improvement)