
I'm not sure how much sandboxing can help here. Presumably you're giving the tool access to a repo directory, and that's where a juicy .env file can live. It will also have access to your environment variables.

I suspect a lot of people permanently allow actions and classes of commands to be run by these tools rather than clicking "yes" a bunch of times during their workflows. Ride the vibes.



That's the entire point of sandboxing, so none of what you listed would be accessible by default. Check out https://github.com/anthropic-experimental/sandbox-runtime and https://github.com/Zouuup/landrun as examples of how you could restrict agents.



