What security boundaries should agents have?
Why This Question Matters
Agents that can use tools, browse, write code, and affect production need boundaries around identity, permissions, execution, audit, and rollback.
Current Working Answer
This page is a first-pass research question, not a final recommendation. Use the linked evidence to refine the answer as more exact session recordings, transcripts, and reviewed slide readings become available.
Source Evidence
- agent security — Topic synthesis
- ai sandboxes — Topic synthesis
- mcp — Topic synthesis
- arrakis — Tool inventory
- docker — Tool inventory
- tailscale aperture — Tool inventory
- 2026 06 29 javier garza ai security engineer foundations certificate — Official schedule
- 2026 06 29 moritz johner we gave an agent production code access and then tried to sleep at night — Official schedule
- 2026 06 30 robert brennan sandboxes aren t optional runtime isolation patterns for coding agents at scale — Official schedule
- 2026 06 30 samuel colvin your agent needs a sandbox not a desert — Official schedule
- youtube wsFd22SL1s8 slides — Slide/OCR evidence
- youtube BM2JX9hqsVQ slides — Slide/OCR evidence
- youtube JhJKgRAmfIU slides — Slide/OCR evidence
Follow-Up
- Extract specific claims from the linked source pages.
- Separate official schedule evidence from supporting YouTube, transcript, and OCR evidence.
- Convert stable answers into playbooks, harnesses, or evaluations where appropriate.