by AlexCoventry 20 days ago
Run coding agents in a docker container with limited permissions. FWIW, I run it with

  --cap-drop=ALL
  --pids-limit=4096
  --runtime=runsc
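One way to turn the three flags in the post above into a repeatable launcher, as an added example that is not part of the thread or any commenter's setup. The extra hardening beyond the post's own flags (read-only root filesystem, no-new-privileges, no network, a non-root uid, a size-capped noexec tmpfs, a memory limit) is an assumption about what a reasonable agent sandbox looks like, and the runsc check is there so the script fails closed instead of silently falling back to the default runc runtime when gVisor is not installed. The image name, workspace path and uid are placeholders.

```shell
#!/bin/sh
# Added example: hardened `docker run` wrapper for a coding agent.
# Assumed flags beyond the thread's --cap-drop=ALL / --pids-limit /
# --runtime=runsc: --read-only, no-new-privileges, --network=none,
# --user, a noexec tmpfs and --memory. Workspace/image/uid are placeholders.

# Emit the docker argument list, one argument per line.
# Usage: sandbox_args /path/to/workspace agent-image:tag
sandbox_args() {
  workspace=$1
  image=$2
  printf '%s\n' \
    run --rm -it \
    --cap-drop=ALL \
    --security-opt=no-new-privileges \
    --pids-limit=4096 \
    --memory=4g \
    --read-only \
    --tmpfs /tmp:rw,noexec,nosuid,size=512m \
    --network=none \
    --user 1000:1000 \
    --runtime=runsc \
    -v "$workspace:/work:rw" \
    -w /work \
    "$image"
}

# True when the docker daemon reports a runsc (gVisor) runtime.
runsc_available() {
  command -v docker >/dev/null 2>&1 || return 1
  docker info --format '{{json .Runtimes}}' 2>/dev/null | grep -q '"runsc"'
}

# Launch the agent. Refuses to run (fail closed) if runsc is missing,
# because the whole point of the sandbox is the gVisor boundary.
# With DRY_RUN=1 it only prints the command and never touches docker.
run_sandboxed() {
  workspace=$1
  image=$2
  if [ "${DRY_RUN:-0}" = 1 ]; then
    printf 'docker'
    sandbox_args "$workspace" "$image" | while IFS= read -r arg; do
      printf ' %s' "$arg"
    done
    printf '\n'
    return 0
  fi
  if ! runsc_available; then
    echo "refusing to run: runsc runtime not available, not falling back to runc" >&2
    return 1
  fi
  # Build the argv from the emitted list without word-splitting on spaces.
  set --
  while IFS= read -r arg; do
    set -- "$@" "$arg"
  done <<EOF
$(sandbox_args "$workspace" "$image")
EOF
  exec docker "$@"
}

# Example invocation (placeholders): DRY_RUN=1 ./sandbox.sh --dry-run ./proj agent:latest
case "${1-}" in
  --dry-run) DRY_RUN=1 run_sandboxed "$2" "$3" ;;
esac
```

Note that the fail-closed check matters more than any single flag: a sandbox that quietly degrades to the default runtime on a machine without gVisor gives exactly the container-only isolation the rest of the thread is arguing about.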

If you're on Linux, you can also easily run it in bwrap to properly sandbox without running a full container
Or put it in a microVM using e.g. smolmachines.
I've never used smolmachines but I'm curious; why this over a container?
Containers are not security boundaries. Vulnerabilities in containers are much more common than in VMs.
Kernel-level isolation is a significant security differentiator, for starters.

https://github.com/smol-machines/smolvm#comparison

shows a good comparison table.

Using runsc instead of runc means that there's a hypervisor layer (gvisor, probably) in between the kernel and the container userland
I run mine on their own machine, without root access.

Currently a Raspberry Pi 5

I am very pleased with it.

My Idiot Savant Pet