🛡 Sandboxes don't protect against AI agent credential theft
Host isolation (sandboxing) via containers or VMs prevents agent code from escaping into the system, but it does not limit its ability to use legitimate credentials, such as GitHub tokens or AWS credentials.
🌍 When scaling AI agents in enterprise environments, companies must move from simple sandboxes to richer policy management systems (Policy Decision Points) and controls on the API calls an agent makes.
👤 When using Claude Code or other agents, it is important to remember: security depends not on the "box," but on the API tokens and sessions handed to the agent.
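To make the policy-decision-point idea concrete, here is an added illustration (not code from the permit.io post or from any agent product) of a credential proxy that sits between an agent and its outbound API calls. The agent never holds the GitHub or AWS token itself; it asks the proxy for a specific action on a specific resource, a small PDP checks that request against an allow-list, and only an allowed request gets a token. The policy format, the `Request` fields, the agent name and the resource patterns are all constructed assumptions, so a compromised agent process inside the sandbox is limited to the actions the policy names rather than to everything the token could do.

```python
"""Minimal policy decision point (PDP) in front of an agent's API calls.

Added example for illustration; the policy layout, request fields and
sample values below are constructed assumptions, not a real product's API.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple
import fnmatch


@dataclass(frozen=True)
class Request:
    agent: str      # identity of the agent asking, e.g. "claude-code" (assumed)
    service: str    # credential the call needs, e.g. "github" or "aws"
    action: str     # constructed action names, e.g. "pulls.create"
    resource: str   # resource the action targets, matched by glob pattern


# Constructed allow-list. Each rule grants one agent a set of actions on a
# set of resource patterns for one service. Anything unmatched is denied.
POLICY: List[dict] = [
    {
        "agent": "claude-code",
        "service": "github",
        "actions": ["repos.read", "pulls.create"],
        "resources": ["acme/web-*"],
    },
    {
        "agent": "claude-code",
        "service": "aws",
        "actions": ["s3.GetObject"],
        "resources": ["arn:aws:s3:::acme-artifacts/*"],
    },
]


def decide(req: Request, policy: List[dict] = POLICY) -> Tuple[bool, str]:
    """Default-deny PDP: allow only if some rule matches agent, service,
    action and resource pattern. Returns (allowed, reason) for auditing."""
    for idx, rule in enumerate(policy):
        if rule["agent"] != req.agent or rule["service"] != req.service:
            continue
        if req.action not in rule["actions"]:
            continue
        if any(fnmatch.fnmatchcase(req.resource, pat) for pat in rule["resources"]):
            return True, f"matched rule {idx}"
    return False, "no matching rule (default deny)"


class CredentialProxy:
    """Holds the real tokens so the agent process never sees them.

    A token is released only for a request the PDP allows, and every
    decision is recorded so denied attempts are visible to the defender.
    """

    def __init__(self, vault: Dict[str, str], policy: List[dict] = POLICY):
        self._vault = vault          # service -> secret token
        self._policy = policy
        self.audit: List[Tuple[Request, bool, str]] = []

    def authorize(self, req: Request) -> Optional[str]:
        allowed, reason = decide(req, self._policy)
        self.audit.append((req, allowed, reason))
        return self._vault.get(req.service) if allowed else None


# Constructed sample tokens; placeholders, not real credentials.
SAMPLE_VAULT = {"github": "ghp_PLACEHOLDER", "aws": "AKIA_PLACEHOLDER"}


def run_demo() -> List[bool]:
    """Exercise the proxy with a few constructed requests; returns the
    allow/deny outcome of each so the behaviour can be checked."""
    proxy = CredentialProxy(SAMPLE_VAULT)
    requests = [
        Request("claude-code", "github", "pulls.create", "acme/web-app"),       # allowed
        Request("claude-code", "github", "repos.push", "acme/web-app"),         # action not granted
        Request("claude-code", "github", "pulls.create", "acme/billing"),       # resource outside pattern
        Request("claude-code", "aws", "s3.GetObject", "arn:aws:s3:::acme-artifacts/build.tgz"),  # allowed
        Request("claude-code", "aws", "s3.GetObject", "arn:aws:s3:::customer-data/export.csv"),  # denied
        Request("other-agent", "github", "pulls.create", "acme/web-app"),       # unknown agent
    ]
    return [proxy.authorize(r) is not None for r in requests]


if __name__ == "__main__":
    for ok in run_demo():
        print("ALLOW" if ok else "DENY")
```

The point of the example is where the token lives: inside the proxy, not inside the sandbox. Host isolation decides what the agent's code can touch on the machine; the PDP decides which API calls the agent's legitimate credentials may be spent on, and the audit list gives a detection point for requests that fall outside policy.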
Source 1: https://www.permit.io/blog/coding-agent-sandboxes-credentials
