[SECURITY] Sandboxing for untrusted agent code

[jwesleye]

Feature Description

Run untrusted agents in sandboxed environment with restricted permissions.

Problem/Motivation

Running arbitrary agent code is risky. Need isolation for security.

Proposed Solution

chat_loop untrusted-agent --sandbox

# Restrictions:
# - No file system access outside temp dir
# - No network access (or whitelist)
# - Resource limits (CPU, memory)
# - Timeout enforcement

Could use:

• Docker containers
• Python restricted execution
• OS-level sandboxing

Benefits

• Safe experimentation
• Security hardening
• Trust boundaries
• Protection from malicious code

Priority

• Critical
• High
• Medium
• Low

[jwesleye]

Out of scope - sandboxing is beyond the scope of this chat interface