Another day another reminder to use a sandbox for software development as a defense-in-depth measure<p><a href="https://github.com/ashishb/amazing-sandbox" rel="nofollow">https://github.com/ashishb/amazing-sandbox</a>
Docker is not a strong security boundary and shouldn't be used to sandbox like this<p><a href="https://cloud.google.com/blog/products/gcp/exploring-container-security-an-overview" rel="nofollow">https://cloud.google.com/blog/products/gcp/exploring-contain...</a>
What makes you think that?<p>Your cab see the commit history ~10% of code is written by agents.<p>Rest was all written by me.<p>Unlike other criticisms of the project, this one feels personal as it is objectively incorrect.