by omrimaya 105 days ago
The capability-based permission propagation is the part I'd want to stress-test first. In practice we found that the interesting failure mode isn't the agent escaping its sandbox; it's the agent calling back into the host in ways that are technically permitted but semantically wrong.