logoalt Hacker News

ashishbtoday at 3:28 AM3 repliesview on HN

There is a reason I run all such CLIs inside a sandbox [1] giving limited directory access.

Imagine if the CLI pulled your SSH keys or other sensitive information by mistake?

Programmers do make such mistakes all the time. I don't want to count on whether "uploading all files it can access" is intentional or a mistake.

1 - https://github.com/ashishb/amazing-sandbox


Replies

exitbtoday at 4:17 AM

What’s described here isn’t connected to the agentic/AI nature of the software at all. Every single program you run as a regular user could potentially do this.

show 1 reply
potamictoday at 5:58 AM

The readme is confusing. You say it has bubblewrap, but you also have an FAQ saying why not to use bubblewrap? Another FAQ says why not to use sandbox-exec for mac, yet the link for mac goes to sandbox-exec?

beepbooptheorytoday at 3:35 AM

But in this particular case isn't the problem that it's sending everything in the sandbox? Rather than what it might do in an otherwise un-sandboxed system?

show 1 reply