I built www.propelcode.app with separate Linux containers. Unless you disconnect the container and your computer from the internet, the models can escape the sandbox and get information off of your machine.
I am open to being corrected and learning from you if you have a better method of sandboxing.
I am using tmux but not a disposable VM. I have thought about something like that, but honestly some of the debugging work makes ephemeral environments hard to work with. How are you doing that in your workflow?
I am open to being corrected and learning from you if you have a better method of sandboxing.